CVE-2024-45400 (GCVE-0-2024-45400)
Vulnerability from cvelistv5 – Published: 2024-09-05 23:23 – Updated: 2024-09-06 13:25
VLAI?
Title
CKEditor Open Link plugin vulnerable to Cross-site Scripting
Summary
ckeditor-plugin-openlink is a plugin for the CKEditor JavaScript text editor that extends the context menu with a possibility to open a link in a new tab. A vulnerability in versions of the plugin prior to 1.0.7 allowed a user to execute JavaScript code by abusing the link href attribute. The fix is available starting with version 1.0.7.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mlewand | ckeditor-plugin-openlink |
Affected:
< 1.0.7
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45400",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-06T13:24:44.427922Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T13:25:02.194Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ckeditor-plugin-openlink",
"vendor": "mlewand",
"versions": [
{
"status": "affected",
"version": "\u003c 1.0.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ckeditor-plugin-openlink is a plugin for the CKEditor JavaScript text editor that extends the context menu with a possibility to open a link in a new tab. A vulnerability in versions of the plugin prior to 1.0.7 allowed a user to execute JavaScript code by abusing the link href attribute. The fix is available starting with version 1.0.7."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T23:23:32.908Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/mlewand/ckeditor-plugin-openlink/security/advisories/GHSA-qj47-6x6q-m3c9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/mlewand/ckeditor-plugin-openlink/security/advisories/GHSA-qj47-6x6q-m3c9"
},
{
"name": "https://github.com/mlewand/ckeditor-plugin-openlink/commit/402391fdd4d9cfd079031372f9caebbf54993ffb",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mlewand/ckeditor-plugin-openlink/commit/402391fdd4d9cfd079031372f9caebbf54993ffb"
}
],
"source": {
"advisory": "GHSA-qj47-6x6q-m3c9",
"discovery": "UNKNOWN"
},
"title": "CKEditor Open Link plugin vulnerable to Cross-site Scripting"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-45400",
"datePublished": "2024-09-05T23:23:32.908Z",
"dateReserved": "2024-08-28T20:21:32.803Z",
"dateUpdated": "2024-09-06T13:25:02.194Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-45400",
"date": "2026-04-26",
"epss": "0.00801",
"percentile": "0.74147"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mlewand:open_link:*:*:*:*:*:ckeditor:*:*\", \"versionEndExcluding\": \"1.0.7\", \"matchCriteriaId\": \"B3A98245-1561-49F7-9C6B-2527AEFCABE2\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"ckeditor-plugin-openlink is a plugin for the CKEditor JavaScript text editor that extends the context menu with a possibility to open a link in a new tab. A vulnerability in versions of the plugin prior to 1.0.7 allowed a user to execute JavaScript code by abusing the link href attribute. The fix is available starting with version 1.0.7.\"}, {\"lang\": \"es\", \"value\": \"ckeditor-plugin-openlink es un complemento para el editor de texto JavaScript CKEditor que ampl\\u00eda el men\\u00fa contextual con la posibilidad de abrir un enlace en una nueva pesta\\u00f1a. Una vulnerabilidad en las versiones del complemento anteriores a la 1.0.7 permit\\u00eda a un usuario ejecutar c\\u00f3digo JavaScript abusando del atributo href del enlace. La soluci\\u00f3n est\\u00e1 disponible a partir de la versi\\u00f3n 1.0.7.\"}]",
"id": "CVE-2024-45400",
"lastModified": "2024-09-19T18:04:36.627",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}]}",
"published": "2024-09-06T00:15:02.507",
"references": "[{\"url\": \"https://github.com/mlewand/ckeditor-plugin-openlink/commit/402391fdd4d9cfd079031372f9caebbf54993ffb\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/mlewand/ckeditor-plugin-openlink/security/advisories/GHSA-qj47-6x6q-m3c9\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-45400\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-09-06T00:15:02.507\",\"lastModified\":\"2024-09-19T18:04:36.627\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"ckeditor-plugin-openlink is a plugin for the CKEditor JavaScript text editor that extends the context menu with a possibility to open a link in a new tab. A vulnerability in versions of the plugin prior to 1.0.7 allowed a user to execute JavaScript code by abusing the link href attribute. The fix is available starting with version 1.0.7.\"},{\"lang\":\"es\",\"value\":\"ckeditor-plugin-openlink es un complemento para el editor de texto JavaScript CKEditor que ampl\u00eda el men\u00fa contextual con la posibilidad de abrir un enlace en una nueva pesta\u00f1a. Una vulnerabilidad en las versiones del complemento anteriores a la 1.0.7 permit\u00eda a un usuario ejecutar c\u00f3digo JavaScript abusando del atributo href del enlace. La soluci\u00f3n est\u00e1 disponible a partir de la versi\u00f3n 1.0.7.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mlewand:open_link:*:*:*:*:*:ckeditor:*:*\",\"versionEndExcluding\":\"1.0.7\",\"matchCriteriaId\":\"B3A98245-1561-49F7-9C6B-2527AEFCABE2\"}]}]}],\"references\":[{\"url\":\"https://github.com/mlewand/ckeditor-plugin-openlink/commit/402391fdd4d9cfd079031372f9caebbf54993ffb\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/mlewand/ckeditor-plugin-openlink/security/advisories/GHSA-qj47-6x6q-m3c9\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-45400\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-06T13:24:44.427922Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-06T13:24:54.800Z\"}}], \"cna\": {\"title\": \"CKEditor Open Link plugin vulnerable to Cross-site Scripting\", \"source\": {\"advisory\": \"GHSA-qj47-6x6q-m3c9\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 6.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"mlewand\", \"product\": \"ckeditor-plugin-openlink\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 1.0.7\"}]}], \"references\": [{\"url\": \"https://github.com/mlewand/ckeditor-plugin-openlink/security/advisories/GHSA-qj47-6x6q-m3c9\", \"name\": \"https://github.com/mlewand/ckeditor-plugin-openlink/security/advisories/GHSA-qj47-6x6q-m3c9\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/mlewand/ckeditor-plugin-openlink/commit/402391fdd4d9cfd079031372f9caebbf54993ffb\", \"name\": \"https://github.com/mlewand/ckeditor-plugin-openlink/commit/402391fdd4d9cfd079031372f9caebbf54993ffb\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"ckeditor-plugin-openlink is a plugin for the CKEditor JavaScript text editor that extends the context menu with a possibility to open a link in a new tab. A vulnerability in versions of the plugin prior to 1.0.7 allowed a user to execute JavaScript code by abusing the link href attribute. The fix is available starting with version 1.0.7.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-09-05T23:23:32.908Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-45400\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-06T13:25:02.194Z\", \"dateReserved\": \"2024-08-28T20:21:32.803Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-09-05T23:23:32.908Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…