CVE-2018-9861
published 2018-04-19CVE-2018-9861: Cross-site scripting (XSS) vulnerability in the Enhanced Image (aka image2) plugin for CKEditor (in versions 4.5.10 through 4.9.1; fixed in 4.9.2), as used in…
PriorityP427medium6.1CVSS 3.0
AVNACLPRNUIRSCCLILAN
EPSS
1.78%
75.5th percentile
Cross-site scripting (XSS) vulnerability in the Enhanced Image (aka image2) plugin for CKEditor (in versions 4.5.10 through 4.9.1; fixed in 4.9.2), as used in Drupal 8 before 8.4.7 and 8.5.x before 8.5.2 and other products, allows remote attackers to inject arbitrary web script through a crafted IMG element.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ckeditor | ckeditor | >= 0 < 4.5.7+dfsg-2ubuntu0.18.04.1 | 4.5.7+dfsg-2ubuntu0.18.04.1 |
| ckeditor | ckeditor | >= 0 < 4.12.1+dfsg-1ubuntu0.1 | 4.12.1+dfsg-1ubuntu0.1 |
| ckeditor | ckeditor | >= 0 < 4.5.7+dfsg-2ubuntu0.16.04.1~esm1 | 4.5.7+dfsg-2ubuntu0.16.04.1~esm1 |
| ckeditor | enhanced_image | >= 4.5.10 < 4.9.2 | 4.9.2 |
| drupal | core | >= 8.0 < 8.4.7 | 8.4.7 |
| drupal | core | >= 8.0.0 < 8.4.7 | 8.4.7 |
| drupal | core | >= 8.5.0 < 8.5.2 | 8.5.2 |
| drupal | drupal | >= 8.0 < 8.4.7 | 8.4.7 |
| drupal | drupal | >= 8.0.0 < 8.4.7 | 8.4.7 |
| drupal | drupal | >= 8.5 < 8.5.2 | 8.5.2 |
| drupal | drupal | >= 8.5.0 < 8.5.2 | 8.5.2 |
| drupal | drupal_core | — | — |
CVSS provenance
nvdv3.06.1MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
osv6.1MEDIUM
vendor_ubuntu6.1MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Enhanced Image plugin for CKEditor is vulnerable to Cross-site scripting (XSS)
ghsa·2022-05-14
CVE-2018-9861 [MEDIUM] CWE-79 Enhanced Image plugin for CKEditor is vulnerable to Cross-site scripting (XSS)
Enhanced Image plugin for CKEditor is vulnerable to Cross-site scripting (XSS)
The Enhanced Image (aka [image2](https://github.com/ckeditor/ckeditor4/tree/master/plugins/image2)) plugin for CKEditor in versions 4.5.10 through 4.9.1; fixed in 4.9.2, and as used in Drupal 8 before 8.4.7 and 8.5.x before 8.5.2 and other products, is vulnerable to cross-site scripting because it allows remote attackers to inject arbitrary web script through a crafted IMG element.
OSV
Enhanced Image plugin for CKEditor is vulnerable to Cross-site scripting (XSS)
osv·2022-05-14
CVE-2018-9861 [MEDIUM] Enhanced Image plugin for CKEditor is vulnerable to Cross-site scripting (XSS)
Enhanced Image plugin for CKEditor is vulnerable to Cross-site scripting (XSS)
The Enhanced Image (aka [image2](https://github.com/ckeditor/ckeditor4/tree/master/plugins/image2)) plugin for CKEditor in versions 4.5.10 through 4.9.1; fixed in 4.9.2, and as used in Drupal 8 before 8.4.7 and 8.5.x before 8.5.2 and other products, is vulnerable to cross-site scripting because it allows remote attackers to inject arbitrary web script through a crafted IMG element.
OSV
ckeditor vulnerabilities
osv·2022-03-23·CVSS 6.1
CVE-2018-9861 [MEDIUM] ckeditor vulnerabilities
ckeditor vulnerabilities
USN-5340-1 fixed several vulnerabilities in CKEditor.
This update provides the fixes for CVE-2018-9861, CVE-2020-9281,
CVE-2021-32809, CVE-2021-33829 and CVE-2021-37695 for Ubuntu 16.04 ESM.
Original advisory details:
Kyaw Min Thein discovered that CKEditor incorrectly handled
certain inputs. An attacker could possibly use this issue
to execute arbitrary code. This issue only affects
Ubuntu 18.04 LTS. (CVE-2018-9861)
Micha Bentkowski discovered that CKEditor incorrectly handled
certain inputs. An attacker could possibly use this issue to
execute arbitrary code. This issue only affects
Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-9281)
Anton Subbotin discovered that CKEditor incorrectly handled
certain inputs. An attacker could possibly use this issue to
ex
OSV
ckeditor vulnerabilities
osv·2022-03-22·CVSS 6.1
CVE-2018-9861 [MEDIUM] ckeditor vulnerabilities
ckeditor vulnerabilities
Kyaw Min Thein discovered that CKEditor incorrectly handled
certain inputs. An attacker could possibly use this issue
to execute arbitrary code. This issue only affects
Ubuntu 18.04 LTS. (CVE-2018-9861)
Micha Bentkowski discovered that CKEditor incorrectly handled
certain inputs. An attacker could possibly use this issue to
execute arbitrary code. This issue only affects
Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-9281)
Anton Subbotin discovered that CKEditor incorrectly handled
certain inputs. An attacker could possibly use this issue to
execute arbitrary code. This issue only affects
Ubuntu 21.10. (CVE-2021-32808)
Anton Subbotin discovered that CKEditor incorrectly handled
certain inputs. An attacker could possibly use this issue to
inject arbitrary code
OSV
CVE-2018-9861: Cross-site scripting (XSS) vulnerability in the Enhanced Image (aka image2) plugin for CKEditor (in versions 4
osv·2018-04-19·CVSS 6.1
CVE-2018-9861 [MEDIUM] CVE-2018-9861: Cross-site scripting (XSS) vulnerability in the Enhanced Image (aka image2) plugin for CKEditor (in versions 4
Cross-site scripting (XSS) vulnerability in the Enhanced Image (aka image2) plugin for CKEditor (in versions 4.5.10 through 4.9.1; fixed in 4.9.2), as used in Drupal 8 before 8.4.7 and 8.5.x before 8.5.2 and other products, allows remote attackers to inject arbitrary web script through a crafted IMG element.
OSV
CVE-2018-9861: CKEditor, a third-party JavaScript library included in Drupal core, has [fixed a cross-site scripting (XSS) vulnerability](https://ckeditor
osv·2018-04-18
CVE-2018-9861 CVE-2018-9861: CKEditor, a third-party JavaScript library included in Drupal core, has [fixed a cross-site scripting (XSS) vulnerability](https://ckeditor
CKEditor, a third-party JavaScript library included in Drupal core, has [fixed a cross-site scripting (XSS) vulnerability](https://ckeditor.com/blog/CKEditor-4.9.2-with-a-security-patch-released/). The vulnerability stemmed from the fact that it was possible to execute XSS inside CKEditor when using the `image2` plugin (which Drupal 8 core also uses).
We would like to thank the CKEditor team for patching the vulnerability and coordinating the fix and release process, and matching the Drupal core security window.
Ubuntu
CKEditor vulnerabilities
vendor_ubuntu·2022-03-23·CVSS 6.1
CVE-2021-32809 [MEDIUM] CKEditor vulnerabilities
Title: CKEditor vulnerabilities
Summary: Several security issues were fixed in CKEditor.
USN-5340-1 fixed several vulnerabilities in CKEditor.
This update provides the fixes for CVE-2018-9861, CVE-2020-9281,
CVE-2021-32809, CVE-2021-33829 and CVE-2021-37695 for Ubuntu 16.04 ESM.
Original advisory details:
Kyaw Min Thein discovered that CKEditor incorrectly handled
certain inputs. An attacker could possibly use this issue
to execute arbitrary code. This issue only affects
Ubuntu 18.04 LTS. (CVE-2018-9861)
Micha Bentkowski discovered that CKEditor incorrectly handled
certain inputs. An attacker could possibly use this issue to
execute arbitrary code. This issue only affects
Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-9281)
Anton Subbotin discovered that CKEditor incorrectly handle
Ubuntu
CKEditor vulnerabilities
vendor_ubuntu·2022-03-22·CVSS 6.1
CVE-2020-9281 [MEDIUM] CKEditor vulnerabilities
Title: CKEditor vulnerabilities
Summary: Several security issues were fixed in CKEditor.
Kyaw Min Thein discovered that CKEditor incorrectly handled
certain inputs. An attacker could possibly use this issue
to execute arbitrary code. This issue only affects
Ubuntu 18.04 LTS. (CVE-2018-9861)
Micha Bentkowski discovered that CKEditor incorrectly handled
certain inputs. An attacker could possibly use this issue to
execute arbitrary code. This issue only affects
Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-9281)
Anton Subbotin discovered that CKEditor incorrectly handled
certain inputs. An attacker could possibly use this issue to
execute arbitrary code. This issue only affects
Ubuntu 21.10. (CVE-2021-32808)
Anton Subbotin discovered that CKEditor incorrectly handled
certain inputs. A
Drupal
Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2018-003
vendor_drupal·2018-04-18
CVE-2018-9861 [MEDIUM] Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2018-003
Title: Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2018-003
Vulnerability Type: Cross Site Scripting
Description: CKEditor, a third-party JavaScript library included in Drupal core, has fixed a cross-site scripting (XSS) vulnerability . The vulnerability stemmed from the fact that it was possible to execute XSS inside CKEditor when using the image2 plugin (which Drupal 8 core also uses). We would like to thank the CKEditor team for patching the vulnerability and coordinating the fix and release process, and matching the Drupal core security window.
Solution: If you are using Drupal 8, update to Drupal 8.5.2 or Drupal 8.4.7 . The Drupal 7.x CKEditor contributed module is not affected if you are running CKEditor module 7.x-1.18 and using CKEditor from the CDN, since
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2018-9861 ckeditor: Cross-site scripting (XSS) vulnerability when using image2 plugin
bugzilla·2018-04-20·CVSS 6.1
CVE-2018-9861 [MEDIUM] CVE-2018-9861 ckeditor: Cross-site scripting (XSS) vulnerability when using image2 plugin
CVE-2018-9861 ckeditor: Cross-site scripting (XSS) vulnerability when using image2 plugin
CKEditor versions 4.5.11 through 4.9.1 have a cross-site scripting (XSS) vulnerability when using the image2 plugin.
CKEditor bundled with Drupal 8 is fixed in versions 8.5.2 and 8.4.7.
The Drupal 7.x CKEditor version 1.18 is not vulnerable.
External References:
https://www.drupal.org/sa-core-2018-003
Upstream patch:
https://github.com/ckeditor/ckeditor-dev/commit/aab10e3d0ad6a11cfb4eab47f1c0353593dd4f00
Discussion:
Created ckeditor tracking bugs for this issue:
Affects: fedora-all [bug 1569829]
Created drupal8 tracking bugs for this issue:
Affects: fedora-all [bug 1569830]
---
All dependent bugs have been closed. Can this tracking bug be closed?
---
In reply to comment #2:
> All de
Bugzilla
CVE-2018-9861 ckeditor: Cross-site scripting (XSS) vulnerability when using image2 plugin [fedora-all]
bugzilla·2018-04-20·CVSS 6.1
CVE-2018-9861 [MEDIUM] CVE-2018-9861 ckeditor: Cross-site scripting (XSS) vulnerability when using image2 plugin [fedora-all]
CVE-2018-9861 ckeditor: Cross-site scripting (XSS) vulnerability when using image2 plugin [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects mu
Bugzilla
CVE-2018-9861 drupal8: ckeditor: Cross-site scripting (XSS) vulnerability when using image2 plugin [fedora-all]
bugzilla·2018-04-20·CVSS 6.1
CVE-2018-9861 [MEDIUM] CVE-2018-9861 drupal8: ckeditor: Cross-site scripting (XSS) vulnerability when using image2 plugin [fedora-all]
CVE-2018-9861 drupal8: ckeditor: Cross-site scripting (XSS) vulnerability when using image2 plugin [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue a
http://www.securityfocus.com/bid/103924https://github.com/ckeditor/ckeditor-dev/blob/master/CHANGES.mdhttps://www.drupal.org/sa-core-2018-003https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.htmlhttp://www.securityfocus.com/bid/103924https://github.com/ckeditor/ckeditor-dev/blob/master/CHANGES.mdhttps://www.drupal.org/sa-core-2018-003https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
2018-04-19
Published