CKEditor is an open source, web-based text editor. A cross-site scripting vulnerability exists in CKEditor, which stems from the presence of a cross-site scripting vulnerability that can be exploited by an attacker to bypass the advanced content filtering mechanism to inject incorrectly formatted HTML content, which may result in the execution of JavaScript code.
CPE | Name | Operator | Version |
---|---|---|---|
ckeditor ckeditor >=4.0, | lt | 4.24.0 |