Fedora 30 : ckeditor (2020-261449d821)

medium Nessus Plugin ID 134988

Language:

Synopsis

The remote Fedora host is missing a security update.

Description

## CKEditor 4.14

**Security Updates:**

- [CVE-2020-9281](https://nvd.nist.gov/vuln/detail/CVE-202 0-9281) Fixed XSS vulnerability in the HTML data processor reported by [Michał
Bentkowski](https://twitter.com/securitymb) of Securitum.

	Issue summary: It was possible to execute XSS inside CKEditor after persuading the victim to: (i) switch CKEditor to source mode, then (ii) paste a specially crafted HTML code, prepared by the attacker, into the opened CKEditor source area, and (iii) switch back to WYSIWYG mode or (i) copy the specially crafted HTML code, prepared by the attacker and (ii) paste it into CKEditor in WYSIWYG mode.

- [CVE-2020-9440](https://nvd.nist.gov/vuln/detail/CVE-202 0-9440) Fixed XSS vulnerability in the WebSpellChecker Dialog plugin reported by [Pham Van Khanh](https://twitter.com/rskvp93) from Viettel Cyber Security.

	Issue summary: It was possible to execute XSS using CKEditor after persuading the victim to: (i) switch CKEditor to source mode, then (ii) paste a specially crafted HTML code, prepared by the attacker, into the opened CKEditor source area, then (iii) switch back to WYSIWYG mode, and (iv) preview CKEditor content outside CKEditor editable area.

**An upgrade is highly recommended!**

New features :

- [#2374](https://github.com/ckeditor/ckeditor4/issues/237 4): Added support for pasting rich content from LibreOffice Writer with the [Paste from LibreOffice](https://ckeditor.com/cke4/addon/pastefromli breoffice) plugin.

- [#2583](https://github.com/ckeditor/ckeditor4/issues/258 3): Changed [emoji](https://ckeditor.com/cke4/addon/emoji) suggestion box to show the matched emoji name instead of an ID.

- [#3748](https://github.com/ckeditor/ckeditor4/issues/374 8): Improved the [color button](https://ckeditor.com/cke4/addon/colorbutton) state to reflect the selected editor content colors.

- [#3661](https://github.com/ckeditor/ckeditor4/issues/366 1): Improved the [Print](https://ckeditor.com/cke4/addon/print) plugin to respect styling rendered by the [Preview](https://ckeditor.com/cke4/addon/preview) plugin.

- [#3547](https://github.com/ckeditor/ckeditor4/issues/354 7): Active [dialog](https://ckeditor.com/cke4/addon/dialog) tab now has the `aria-selected='true'` attribute.

- [#3441](https://github.com/ckeditor/ckeditor4/issues/344 1): Improved [`widget.getClipboardHtml()`](https://ckeditor.com/docs/ ckeditor4/latest/api/CKEDITOR_plugins_widget.html#method
-getClipboardHtml) support for dragging and dropping multiple [widgets](https://ckeditor.com/cke4/addon/widget).

Fixed Issues :

- [#3587](https://github.com/ckeditor/ckeditor4/issues/358 7): [Edge, IE] Fixed:
[Widget](https://ckeditor.com/cke4/addon/widget) with form input elements loses focus during typing.

- [#3705](https://github.com/ckeditor/ckeditor4/issues/370 5): [Safari] Fixed: Safari incorrectly removes blocks with the [`editor.extractSelectedHtml()`](https://ckeditor.com/do cs/ckeditor4/latest/api/CKEDITOR_editor.html#method-extr actSelectedHtml) method after selecting all content.

- [#1306](https://github.com/ckeditor/ckeditor4/issues/130 6): Fixed: The [Font](https://ckeditor.com/cke4/addon/font) plugin creates nested HTML `<span>` tags when reapplying the same font multiple times.

- [#3498](https://github.com/ckeditor/ckeditor4/issues/349 8): Fixed: The editor throws an error during the copy operation when a [widget](https://ckeditor.com/cke4/addon/widget) is partially selected.

- [#2517](https://github.com/ckeditor/ckeditor4/issues/251 7): [Chrome, Firefox, Safari] Fixed: Inserting a new image when the selection partially covers an existing [enhanced image](https://ckeditor.com/cke4/addon/image2) widget throws an error.

- [#3007](https://github.com/ckeditor/ckeditor4/issues/300 7): [Chrome, Firefox, Safari] Fixed: Cannot modify the editor content once the selection is released over a [widget](https://ckeditor.com/cke4/addon/widget).

- [#3698](https://github.com/ckeditor/ckeditor4/issues/369 8): Fixed: Cutting the selected text when a [widget](https://ckeditor.com/cke4/addon/widget) is partially selected merges paragraphs.

API Changes :

- [#3387](https://github.com/ckeditor/ckeditor4/issues/338 7): Added the [CKEDITOR.ui.richCombo.select()](https://ckeditor.com/do cs/ckeditor4/latest/api/CKEDITOR_ui_richCombo.html#metho d-select) method.

- [#3727](https://github.com/ckeditor/ckeditor4/issues/372 7): Added new `textColor` and `bgColor` commands that apply the selected color chosen by the [Color Button](https://ckeditor.com/cke4/addon/colorbutton) plugin.

- [#3728](https://github.com/ckeditor/ckeditor4/issues/372 8): Added new `font` and `fontSize` commands that apply the selected font style chosen by the [Font](https://ckeditor.com/cke4/addon/colorbutton) plugin.

- [#3842](https://github.com/ckeditor/ckeditor4/issues/384 2): Added the [`editor.getSelectedRanges()`](https://ckeditor.com/docs /ckeditor4/latest/api/CKEDITOR_editor.html#method-getSel ectedRanges) alias.

- [#3775](https://github.com/ckeditor/ckeditor4/issues/377 5): Widget [mask](https://ckeditor.com/docs/ckeditor4/latest/api/CK EDITOR_plugins_widget.html#property-mask) and [parts](https://ckeditor.com/docs/ckeditor4/latest/api/C KEDITOR_plugins_widget.html#property-parts) can now be refreshed dynamically via API calls.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected ckeditor package.

See Also

http://www.nessus.org/u?1bf31ab9

http://www.nessus.org/u?80168bb6

http://www.nessus.org/u?97ea65ba

http://www.nessus.org/u?9209d626

https://github.com/ckeditor/ckeditor4/issues/1306

https://github.com/ckeditor/ckeditor4/issues/2374

https://github.com/ckeditor/ckeditor4/issues/2517

https://github.com/ckeditor/ckeditor4/issues/2583

https://github.com/ckeditor/ckeditor4/issues/3007

https://github.com/ckeditor/ckeditor4/issues/3387

https://github.com/ckeditor/ckeditor4/issues/3441

https://github.com/ckeditor/ckeditor4/issues/3498

https://github.com/ckeditor/ckeditor4/issues/3547

https://github.com/ckeditor/ckeditor4/issues/3587

https://github.com/ckeditor/ckeditor4/issues/3661

https://github.com/ckeditor/ckeditor4/issues/3698

https://github.com/ckeditor/ckeditor4/issues/3705

https://github.com/ckeditor/ckeditor4/issues/3727

https://github.com/ckeditor/ckeditor4/issues/3728

https://github.com/ckeditor/ckeditor4/issues/3748

https://github.com/ckeditor/ckeditor4/issues/3775

https://github.com/ckeditor/ckeditor4/issues/3842

https://nvd.nist.gov/vuln/detail/CVE-2020-9281

https://nvd.nist.gov/vuln/detail/CVE-2020-9440

https://twitter.com/rskvp93

https://twitter.com/securitymb

https://bodhi.fedoraproject.org/updates/FEDORA-2020-261449d821

https://ckeditor.com/cke4/addon/colorbutton

https://ckeditor.com/cke4/addon/dialog

https://ckeditor.com/cke4/addon/emoji

https://ckeditor.com/cke4/addon/font

https://ckeditor.com/cke4/addon/image2

https://ckeditor.com/cke4/addon/pastefromlibreoffice

https://ckeditor.com/cke4/addon/preview

https://ckeditor.com/cke4/addon/print

https://ckeditor.com/cke4/addon/widget

http://www.nessus.org/u?83e48840

http://www.nessus.org/u?ac2ddc1e

Plugin Details

Severity: Medium

ID: 134988

File Name: fedora_2020-261449d821.nasl

Version: 1.5

Type: local

Agent: unix

Published: 3/30/2020

Updated: 3/20/2024

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.0

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2020-9440

CVSS v3

Risk Factor: Medium

Base Score: 6.1

Temporal Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:ckeditor, cpe:/o:fedoraproject:fedora:30

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 3/29/2020

Vulnerability Publication Date: 3/7/2020

Reference Information

CVE: CVE-2020-9281, CVE-2020-9440