Unrated severityNVD Advisory· Published Jul 5, 2009· Updated Apr 23, 2026
CVE-2009-2324
CVE-2009-2324
Description
Multiple cross-site scripting (XSS) vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to inject arbitrary web script or HTML via components in the samples (aka _samples) directory.
Affected products
27cpe:2.3:a:fckeditor:fckeditor:*:*:*:*:*:*:*:*+ 26 more
- cpe:2.3:a:fckeditor:fckeditor:*:*:*:*:*:*:*:*range: <=2.6.4
- cpe:2.3:a:fckeditor:fckeditor:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.0_fc:*:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.0_rc2:*:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.0rc2:*:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.0rc3:*:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.3:*:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.3:beta:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.5:*:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.5:beta:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.6:*:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.6.3:beta:*:*:*:*:*:*
- cpe:2.3:a:fckeditor:fckeditor:2.6.4:beta:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3News mentions
0No linked articles in our index yet.