CVE-2020-9440

A cross-site scripting (XSS) vulnerability in the WSC plugin through 5.5.7.5 for CKEditor 4 allows remote attackers to run arbitrary web script inside an IFRAME element by injecting a crafted HTML element into the editor.
Configurations

Configuration 1

cpe:2.3:a:ckeditor:ckeditor:4.0:*:*:*:*:*:*:*
cpe:2.3:a:webspellchecker:webspellchecker:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*

Information

Published : 2020-03-10 05:15

Updated : 2022-05-24 05:46


NVD link : CVE-2020-9440

Mitre link : CVE-2020-9440

Products Affected
No products.
CWE