CVE-2020-27193 in Ckeditor and Oracle Products
Published on November 12, 2020

A cross-site scripting (XSS) vulnerability in the Color Dialog plugin for CKEditor 4.15.0 allows remote attackers to run arbitrary web script after persuading a user to copy and paste crafted HTML code into one of editor inputs.

NVD

Products Associated with CVE-2020-27193

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-27193 are published in these products:

Ckeditor

Oracle Agile Plm

Oracle Application Express

Oracle Banking Party Management

Oracle Banking Platform

Oracle Commerce Merchandising

Oracle Financial Services Analytical Applications Infrastructure

Oracle Jd Edwards Enterpriseone Tools

Oracle Peoplesoft Enterprise Peopletools

Exploit Probability

EPSS

1.01%

Percentile

76.73%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-27193 in Ckeditor and Oracle ProductsPublished on November 12, 2020

Products Associated with CVE-2020-27193

Exploit Probability

CVE-2020-27193 in Ckeditor and Oracle Products
Published on November 12, 2020