CVE-2024-45400 - CKEditor Plugin OpenLink Cross-Site Scripting

2 months ago 30
ARTICLE AD BOX
CVE ID : CVE-2024-45400
Published : Sept. 6, 2024, 12:15 a.m. | 24 minutes ago
Description : ckeditor-plugin-openlink is a plugin for the CKEditor JavaScript text editor that extends the context menu with a possibility to open a link in a new tab. A vulnerability in versions of the plugin prior to 1.0.7 allowed a user to execute JavaScript code by abusing the link href attribute. The fix is available starting with version 1.0.7.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read Entire Article