CVE-2021-26271 in Ckeditor and Oracle Products
Published on January 26, 2021

It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs (in the Advanced Tab for Dialogs plugin).

NVD

Products Associated with CVE-2021-26271

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-26271 are published in these products:

Ckeditor

Oracle Agile Plm

Oracle Application Express

Oracle Financial Services Analytical Applications Infrastructure

Oracle Jd Edwards Enterpriseone Tools

Oracle Siebel Ui Framework

Oracle Webcenter Sites

Exploit Probability

EPSS

0.43%

Percentile

62.01%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-26271 in Ckeditor and Oracle ProductsPublished on January 26, 2021

Products Associated with CVE-2021-26271

Exploit Probability

CVE-2021-26271 in Ckeditor and Oracle Products
Published on January 26, 2021