A cross-site scripting (XSS) vulnerability in the WSC plugin through
5.5.7.5 for CKEditor 4 allows remote attackers to run arbitrary web script
inside an IFRAME element by injecting a crafted HTML element into the
editor.
Author | Note |
---|---|
litios | Plugin is not present in the package |