CVE-2023-37905
CVSS V2 None
CVSS V3 None
Description
ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. It has been discovered that the `ckeditor-wordcount-plugin` plugin for CKEditor4 is susceptible to cross-site scripting when switching to the source code mode. This issue has been addressed in version 1.17.12 of the `ckeditor-wordcount-plugin` plugin and users are advised to upgrade. There are no known workarounds for this vulnerability.
Overview
- CVE ID
- CVE-2023-37905
- Assigner
- GitHub_M
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-07-21T19:35:49.656Z
- Last Modified Date
- 2023-09-15T18:24:18.068Z
Weakness Enumerations
References
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-37905 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37905 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-06-25 01:20:25 | Added to TrackCVE |