Jump to content

Drupal update because of CKEditor library error (parsing HTML that could lead to an XSS attack) ... what about the CKEditor in Processwire

tires

By tires,
in General Support

 Share

Recommended Posts

tires Sr. Member

tires

Posted
Posted

In the info for the last Drupal (8/9) core update was mentioned that there is an error in the CKEditor library.

Quote

Drupal core uses the third-party CKEditor library. This library has an error in parsing HTML that could lead to an XSS attack. CKEditor 4.16.1 and later include the fix.

https://www.drupal.org/sa-core-2021-003

Does this error could have an effect to the CKE in Processwire?
Is there a also a threat for Cross Site Scripting?

Link to comment
Share on other sites
  • tires changed the title to Drupal update because of CKEditor library error (parsing HTML that could lead to an XSS attack) ... what about the CKEditor in Processwire
  • cstevensjr locked and unlocked this topic

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...