Description
Cross-site scripting (XSS) vulnerability in the Preview plugin before 4.4.3 in CKEditor allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2014-5089 | The Preview plugin in CKEditor allows Cross-site scripting (XSS) |
Github GHSA |
GHSA-v27h-j97p-wqmx | The Preview plugin in CKEditor allows Cross-site scripting (XSS) |
References
History
No history.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-06T11:34:37.519Z
Reserved: 2014-08-07T00:00:00.000Z
Link: CVE-2014-5191
No data.
Status : Modified
Published: 2014-08-07T11:13:37.063
Modified: 2026-06-17T00:11:11.290
Link: CVE-2014-5191
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
EUVD
Github GHSA