Security Advisory

CVE-2020-9281

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-03-07 00:02:27

Last updated 2024-08-04 10:26:15

Assigner mitre

State PUBLISHED

Description

A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment (with the cke_protected syntax).

← Browse all CVEs View on cve.org ↗