Description

Cross-site scripting (XSS) vulnerability in the Preview plugin before 4.4.3 in CKEditor allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2014-5191

Related Vulnerabilities

WordPress Plugin Wordfence Security-Firewall & Malware Scan Cross-Site Scripting (7.6.0)

WordPress Plugin Advanced Contact form 7 DB Information Disclosure (1.1.0)

Grafana Improper Authentication Vulnerability (CVE-2022-39229)

WordPress Plugin CM Tooltip Glossary-Better SEO and UEX for your WP site Cross-Site Scripting (3.9.20)

MediaWiki Release of Invalid Pointer or Reference Vulnerability (CVE-2022-28203)

Severity

Medium

Classification

CVE-2014-5191 CWE-707

Tags

Missing Update Known Vulnerabilities