Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Ckeditor Subscribe
Filtered by product Enhanced Image
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-9861 2 Ckeditor, Drupal 2 Enhanced Image, Drupal 2019-07-18 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in the Enhanced Image (aka image2) plugin for CKEditor (in versions 4.5.10 through 4.9.1; fixed in 4.9.2), as used in Drupal 8 before 8.4.7 and 8.5.x before 8.5.2 and other products, allows remote attackers to inject arbitrary web script through a crafted IMG element.