Updates released on Wednesday for Drupal 8 patch a moderately critical cross-site scripting (XSS) vulnerability affecting a third-party JavaScript library.
The flaw impacts CKEditor, a WYSIWYG HTML editor included in the Drupal core. CKEditor exposes users to XSS attacks due to a flaw in the Enhanced Image (image2) plugin.
from SecurityWeek RSS Feed https://ift.tt/2K09Azi
via https://ifttt.com/ IFTTT
No comments:
Post a Comment