CVEs-PoC/2021/CVE-2021-26272.md at main

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-02-12 18:42:46 +00:00

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

816 B

Raw Permalink Blame History

CVE-2021-26272

Description

It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted URL-like text into the editor, and then press Enter or Space (in the Autolink plugin).

POC

Reference

https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html

Github

https://github.com/ARPSyndicate/cve-scores

816 B Raw Permalink Blame History

CVE-2021-26272

Description

POC

Reference

Github

816 B

Raw Permalink Blame History