{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-07T19:33:30.064","vulnerabilities":[{"cve":{"id":"CVE-2024-45400","sourceIdentifier":"security-advisories@github.com","published":"2024-09-06T00:15:02.507","lastModified":"2024-09-19T18:04:36.627","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"ckeditor-plugin-openlink is a plugin for the CKEditor JavaScript text editor that extends the context menu with a possibility to open a link in a new tab. A vulnerability in versions of the plugin prior to 1.0.7 allowed a user to execute JavaScript code by abusing the link href attribute. The fix is available starting with version 1.0.7."},{"lang":"es","value":"ckeditor-plugin-openlink es un complemento para el editor de texto JavaScript CKEditor que amplía el menú contextual con la posibilidad de abrir un enlace en una nueva pestaña. Una vulnerabilidad en las versiones del complemento anteriores a la 1.0.7 permitía a un usuario ejecutar código JavaScript abusando del atributo href del enlace. La solución está disponible a partir de la versión 1.0.7."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mlewand:open_link:*:*:*:*:*:ckeditor:*:*","versionEndExcluding":"1.0.7","matchCriteriaId":"B3A98245-1561-49F7-9C6B-2527AEFCABE2"}]}]}],"references":[{"url":"https://github.com/mlewand/ckeditor-plugin-openlink/commit/402391fdd4d9cfd079031372f9caebbf54993ffb","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/mlewand/ckeditor-plugin-openlink/security/advisories/GHSA-qj47-6x6q-m3c9","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}