Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

JavaScript Library

CKEditor

Product portfolio of rich text editors and collaborative editing solutions delivered through fast and secure cloud services.

Official Site:

https://ckeditor.com/

Severity Summary:

Critical: 1 High: 1 Medium: 19
Reference
Title
Severity
CVE-2023-31541
CKEditor Unrestricted Upload of File with Dangerous Type Vulnerability
Critical
CVE-2022-24729
CKEditor Other Vulnerability
High
CVE-2020-9440
CKEditor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-41164
CKEditor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-24816
CKEditor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-24815
CKEditor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-28439
CKEditor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2022-48110
CKEditor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-32809
CKEditor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2022-24728
CKEditor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-41165
CKEditor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-9281
CKEditor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-32808
CKEditor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-37695
CKEditor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-33829
CKEditor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-17960
CKEditor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2014-5191
CKEditor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-26271
CKEditor Inclusion of Functionality from Untrusted Control Sphere Vulnerability
Medium
CVE-2021-26272
CKEditor Inclusion of Functionality from Untrusted Control Sphere Vulnerability
Medium
CVE-2020-27193
CKEditor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-43407
CKEditor Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium