Home » CMS » Drupal (page 4)

Drupal

Drupal core – Moderately critical – Cross Site Scripting – SA-CORE-2018-003

Project:  Drupal core Date:  2018-April-18 Security risk:  Moderately critical 12∕25 AC:Complex/A:User/CI:Some/II:Some/E:Theoretical/TD:Default Vulnerability:  Cross Site Scripting Description:  CKEditor, a third-party JavaScript library included in Drupal core, has fixed a cross-site scripting (XSS) vulnerability. The vulnerability stemmed from the fact that it was possible to execute XSS inside CKEditor when using the image2 plugin (which Drupal 8 core also uses). We would ...

Read More »

Powered by WP Robot