Ckfinder

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2016-20023 MEDIUM This Month

A remote code execution vulnerability in CKSource CKFinder (CVSS 5.0). Remediation should follow standard vulnerability management procedures.

Information Disclosure Ckfinder
NVD
CVSS 3.1
5.0
EPSS
0.1%
CVE-2025-63830 MEDIUM POC This Month

CKFinder 1.4.3 is vulnerable to Cross Site Scripting (XSS) in the File Upload function. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload XSS Ckfinder
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2016-20023
EPSS 0% CVSS 5.0
MEDIUM This Month

A remote code execution vulnerability in CKSource CKFinder (CVSS 5.0). Remediation should follow standard vulnerability management procedures.

Information Disclosure Ckfinder
NVD
CVE-2025-63830
EPSS 0% CVSS 6.1
MEDIUM POC This Month

CKFinder 1.4.3 is vulnerable to Cross Site Scripting (XSS) in the File Upload function. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload XSS Ckfinder
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy