ckeditor/ckeditor Security Advisories for 4.23.x-dev (2)
-
[MEDIUM] Code Snippet GeSHi plugin in CKEditor 4 has reflected cross-site scripting (XSS) vulnerability
PKSA-sd3x-9jwt-jn4s CVE-2024-43407 GHSA-7r32-vfj5-c2jv
Affected version: <4.25.0
Reported by:
GitHub -
[MEDIUM] CKEditor4 Cross-site Scripting vulnerability caused by incorrect CDATA detection
PKSA-4d16-gn5t-2wt7 CVE-2024-24815 GHSA-fq6h-4g8v-qqvm
Affected version: <4.24.0
Reported by:
GitHub