VYPR
Moderate severityNVD Advisory· Published Nov 16, 2023· Updated Oct 1, 2024

Cross-Site Scripting vulnerability in CKSource CKEditor

CVE-2023-4771

Description

A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15.1 and earlier. An attacker could send malicious javascript code through the /ckeditor/samples/old/ajax.html file and retrieve an authorized user's information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
ckeditor4npm
< 4.24.0-lts4.24.0-lts

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.