VYPR

npm package

@ckeditor/ckeditor5-real-time-collaboration

pkg:npm/%40ckeditor/ckeditor5-real-time-collaboration

Vulnerabilities (1)

  • CVE-2025-25299LowFeb 20, 2025
    affected >= 41.3.0, < 44.2.1fixed 44.2.1

    CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. During a recent internal audit, a Cross-Site Scripting (XSS) vulnerability was discovered in the CKEditor 5 real-time collaboration package. This vulnerability affects user markers, which represent users