CNVD-2024-09867 — Vulnetix

CNVD-2024-09867 PUBLISHED

CKEditor是一套开源的、基于网页的文字编辑器。 CKEditor4存在跨站脚本漏洞，该漏洞源于存在跨站脚本漏洞，攻击者可利用该漏洞通过滥用错误配置的预览功能来执行JavaScript代码。

Exploit Intelligence

CKEditor 4 < 4.24.0-lts - XSS vulnerability in samples that use the "preview" feature. (github-poc)
CKEditor 4 < 4.24.0-lts - XSS vulnerability in samples that use the "preview" feature. (github-poc)
.bundler-audit.yml (github-poc)
.bundler-audit.yml (github-poc)

Timeline

CVE Published

Open in Interactive Console →

$ Console Community · 100/wk Open console ›