Miembros de
Boletines de Vulnerabilidades |
Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2021-003 |
|
Información sobre el sistema |
|
| Software afectado | Drupal |
Descripción |
|
|
Project: Drupal coreDate: 2021-May-26Security risk: Moderately critical 14∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:DefaultVulnerability: Cross Site ScriptingCVE IDs: CVE-2021-33829Description: Update: 2021-06-11: Added CVE-2021-33829 identifierDrupal core uses the third-party CKEditor library. This library has an error in parsing HTML that could lead to an XSS attack. CKEditor 4.16.1 and later include the fix.Update: 2021-06-11: More details are available on CKEditors blog.Users More info: https://www.drupal.org/sa-core-2021-003 |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2021-33829. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2022-05-26 |