CVE-2014-5191

Ckeditor < 4.4.2 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in the Preview plugin before 4.4.3 in CKEditor allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References (3)

Scores

EPSS 0.0030
EPSS Percentile 52.8%

Details

CWE
CWE-79
Status published
Products (5)
ckeditor/ckeditor < 4.4.2
ckeditor/ckeditor
ckeditor/ckeditor
ckeditor/ckeditor < 4.4.3Packagist
n/a/n/a
Published Aug 07, 2014
Tracked Since Feb 18, 2026