Candidate: CVE-2014-4037
PublicDate: 2014-06-11 14:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4037
 http://packetstormsecurity.com/files/126902/FCKeditor-2.6.10-Cross-Site-Scripting.html
 http://ckeditor.com/blog/FCKeditor-2.6.11-Released
Description:
 Cross-site scripting (XSS) vulnerability in
 editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php
 in FCKeditor before 2.6.11 and earlier allows remote attackers to inject
 arbitrary web script or HTML via an array key in the textinputs[]
 parameter, a different issue than CVE-2012-4000.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by: Robin Bailey
Assigned-to:
CVSS: 

Patches_fckeditor:
upstream_fckeditor: released (2.6.11)
lucid_fckeditor: ignored (reached end-of-life)
precise_fckeditor: ignored (reached end-of-life)
precise/esm_fckeditor: DNE (precise was needed)
saucy_fckeditor: ignored (reached end-of-life)
trusty_fckeditor: ignored (reached end-of-life)
trusty/esm_fckeditor: DNE (trusty was needed)
utopic_fckeditor: ignored (reached end-of-life)
vivid_fckeditor: ignored (reached end-of-life)
vivid/stable-phone-overlay_fckeditor: DNE
vivid/ubuntu-core_fckeditor: DNE
wily_fckeditor: DNE
xenial_fckeditor: DNE
yakkety_fckeditor: DNE
zesty_fckeditor: DNE
artful_fckeditor: DNE
bionic_fckeditor: DNE
cosmic_fckeditor: DNE
disco_fckeditor: DNE
devel_fckeditor: DNE