Ckeditor: >> Ckeditor 5-Link >> 0.1.0 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in the Link package for CKEditor 5 before 10.0.1 allows remote attackers to inject arbitrary web script through a crafted href attribute of a link (A) element.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-05-22