CVE-2022-31175
CKEditor 5 prior to 35.0.1 contains an XSS flaw in three optional packages: @ckeditor/ckeditor5-markdown-gfm, @ckeditor/ckeditor5-html-support, and @ckeditor/ckeditor5-html-embed. The vulnerability arises from a mechanism that updates the source element with markup from the data pipeline after de...