Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2021-003
|
Información sobre el sistema
|
|
|
Software afectado |
Drupal |
Descripción
|
Project: Drupal coreDate: 2021-May-26Security risk: Moderately critical 14∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:DefaultVulnerability: Cross Site ScriptingDescription: Drupal core uses the third-party CKEditor library. This library has an error in parsing HTML that could lead to an XSS attack. Solution: Install the latest version:If you are using Drupal 9.1, update to Drupal 9.1.9.If you are using Drupal 9.0, update to Drupal 9.0.14.If you are using Drupal 8.9, update to Drupal
More info:
https://www.drupal.org/sa-core-2021-003 |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
|