Lucene search
HistoryAug 07, 2014 - 11:13 a.m.
CVE-2014-5191
cve-2014-5191
cross-site scripting
xss
ckeditor preview plugin
nvd
security advisory
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.6 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
57.0%
Cross-site scripting (XSS) vulnerability in the Preview plugin before 4.4.3 in CKEditor allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Affected configurations
Node
ckeditorckeditorRangeβ€4.4.2
ORckeditorckeditorMatch4.4.0
ORckeditorckeditorMatch4.4.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| ckeditor:ckeditor | ckeditor | le | 4.4.2 |
| ckeditor:ckeditor | ckeditor | eq | 4.4.0 |
| ckeditor:ckeditor | ckeditor | eq | 4.4.1 |
Related
nessus
nessus
CKEditor Preview Plugin Unspecified XSS
2014-07-31 00:00:00
IBM WebSphere Portal CKEditor XSS (PI24992, PI26456)
2014-10-30 00:00:00
IBM WebSphere Portal 8.0.0.x < 8.0.0.1 CF15 Multiple Vulnerabilities
2015-04-17 00:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2015-02-11 16:10:59
debiancve
debiancve
CVE-2014-5191
2014-08-07 11:13:37
ibm
ibm
cvelist
cvelist
CVE-2014-5191
2014-08-07 10:00:00
ubuntucve
ubuntucve
CVE-2014-5191
2014-08-07 00:00:00
prion
prion
Cross site scripting
2014-08-07 11:13:00
nvd
nvd
CVE-2014-5191
2014-08-07 11:13:37
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.6 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
57.0%
Related for CVE-2014-5191