Ckeditor: >> Ckeditor >> 4.14.1 Security Vulnerabilities
It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs (in the Advanced Tab for Dialogs plugin).
CVSS Score
6.5
EPSS Score
0.006
Published
2021-01-26
It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted URL-like text into the editor, and then press Enter or Space (in the Autolink plugin).
CVSS Score
6.5
EPSS Score
0.002
Published
2021-01-26
Page 2