VYPR
Unrated severityNVD Advisory· Published Jan 9, 2025· Updated Jan 9, 2025

CKEditor 4 LTS - WYSIWYG HTML editor - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-009

CVE-2024-13245

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal CKEditor 4 LTS - WYSIWYG HTML editor allows Cross-Site Scripting (XSS).This issue affects CKEditor 4 LTS - WYSIWYG HTML editor: from 1.0.0 before 1.0.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Range: >=1.0.0, <1.0.1
  • Drupal/CKEditor 4 LTS - WYSIWYG HTML editorv5
    Range: 1.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.