PT-2020-4408 · Cksource +2 · Ckeditor +2
Name of the Vulnerable Software and Affected Versions: CKEditor versions 4.0 through 4.14 Description: A cross-site scripting XSS issue exists due to insufficient input validation in the HTML Data Processor for CKEditor. This allows remote attackers to inject arbitrary web script through a crafte...