VYPR

npm package

ckeditor4-dev

pkg:npm/ckeditor4-dev

Vulnerabilities (1)

  • CVE-2021-26271Jan 26, 2021
    affected < 4.16fixed 4.16

    It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs (in the Advanced Tab for Dialogs plugin).