4 matches found
Drupal 8.x CKEditor XSS Vulnerability (SA-CORE-2020-001) - Linux
Drupal is prone to a cross-site scripting XSS vulnerability in a third-party library. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...
Drupal 8.x CKEditor XSS Vulnerability (SA-CORE-2020-001) - Windows
Drupal is prone to a cross-site scripting XSS vulnerability in a third-party library. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...
Drupal 8.7.x < 8.7.12 / 8.8.x < 8.8.4 Drupal Vulnerability (SA-CORE-2020-001) (drupal-2020-03-18)
According to its self-reported version, the instance of Drupal running on the remote web server is 8.7.x prior to 8.7.12 or 8.8.x prior to 8.8.4. It is, therefore, affected by a vulnerability. - The Drupal project uses the third-party library CKEditor, which has released a security improvement th...
Drupal core - Moderately critical - Third-party library - SA-CORE-2020-001
The Drupal project uses the third-party library CKEditor, which has released a security improvement that is needed to protect some Drupal configurations. Vulnerabilities are possible if Drupal is configured to use the WYSIWYG CKEditor for your site's users. An attacker that can create or edit...