npm package
@ckeditor/ckeditor5-html-support
pkg:npm/%40ckeditor/ckeditor5-html-support
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-28343 | — | >= 29.0.0, < 47.6.0 | 47.6.0 | Mar 5, 2026 | CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. Starting in version 29.0.0 and prior to version 47.6.0, a cross-site scripting (XSS) vulnerability has been discovered in the General HTML Support feature. This vulnerability could be triggered by insert | ||
| CVE-2022-31175 | — | < 35.0.1 | 35.0.1 | Aug 3, 2022 | CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5's packages in versions prior to 35.0.1. The vulnerability allowed to trigger a JavaScript code after fulfilling special conditions. The affect |
- CVE-2026-28343Mar 5, 2026affected >= 29.0.0, < 47.6.0fixed 47.6.0
CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. Starting in version 29.0.0 and prior to version 47.6.0, a cross-site scripting (XSS) vulnerability has been discovered in the General HTML Support feature. This vulnerability could be triggered by insert
- CVE-2022-31175Aug 3, 2022affected < 35.0.1fixed 35.0.1
CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5's packages in versions prior to 35.0.1. The vulnerability allowed to trigger a JavaScript code after fulfilling special conditions. The affect