Beta

Report

CKEditor 4 - WYSIWYG HTML editor < 7.x-1.19 is vulnerable to Drupal CKEditor 4 - WYSIWYG HTML editor module < 7.x-1.19 - Authenticated Cross Site Scripting (XSS) vulnerability

Authenticated
Published
2020-03-17

Drupal CKEditor 4 - WYSIWYG HTML editor module < 7.x-1.19 - Authenticated Cross Site Scripting (XSS) vulnerability

CVSS

Score:5.5

Severity:Medium

Version:< 7.x-1.19

There is a patch available in v1.20 and we strongly recommend you update to this version as soon as possible.