Beta

Report

CKEditor 4 - WYSIWYG HTML editor < 7.x-1.15,< 6.x-1.14,< 6.x-2.3 is vulnerable to Drupal CKEditor 4 - WYSIWYG HTML editor module < 7.x-1.15,< 6.x-1.14,< 6.x-2.3 - Unauthenticated Cross Site Scripting (XSS) vulnerability

Unauthenticated
Published
2014-10-14

Drupal CKEditor 4 - WYSIWYG HTML editor module < 7.x-1.15,< 6.x-1.14,< 6.x-2.3 - Unauthenticated Cross Site Scripting (XSS) vulnerability

CVSS

Score:7.1

Severity:High

Version:< 7.x-1.15,< 6.x-1.14,< 6.x-2.3

There is a patch available in v7.x-1.15,6.x-1.14,6.x-2.3 and we strongly recommend you update to this version as soon as possible.