Description

Cross-site scripting (XSS) vulnerability in the Preview plugin before 4.4.3 in CKEditor allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2014-5191

Related Vulnerabilities

WebLogic CVE-2020-14640 Vulnerability (CVE-2020-14640)

WordPress Plugin Product Subtitle For WooCommerce Arbitrary File Disclosure (4.1)

MediaWiki Other Vulnerability (CVE-2005-3165)

WordPress Plugin Author Stats Cross-Site Scripting (1.3)

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-3724)

Severity

Medium

Classification

CVE-2014-5191 CWE-707

Tags

Missing Update Known Vulnerabilities