2 matches found
@ckeditor/ckeditor5-build-balloon (>=0.0.1 <=0.2.0), @ckeditor/ckeditor5-build-balloon-toolbar (>=0.0.1 <=0.1.0) +4 more potentially affected by CVE-2018-11093 via @ckeditor/ckeditor5-link (>=0.5.1 <=0.8.0)
@ckeditor/ckeditor5-link NPM version =0.5.1, =0.0.1, =0.0.1, =0.1.0, =0.0.1, =0.1.1, =0.3.0 Source cves: CVE-2018-11093 Source advisory: OSV:GHSA-GVPX-9459-W3MJ...
Fedora 26 : ckeditor (2018-1361f39801)
4.9.2 https://ckeditor.com/cke4/release/CKEditor-4.9.2 Security Updates - Fixed XSS vulnerability in the Enhanced Image image2 plugin reported by Kyaw Min Thein. - Issue summary: It was possible to execute XSS inside CKEditor using the tag and specially crafted HTML. Please note that the default...