GHSA-g68x-vvqq-pvw3, CVE-2018-17960
packagist/typo3/cms-core
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CKEditor 4.x before 4.11.0 allows user-assisted XSS involving a source-mode paste.
All versions starting from 8.0.0 before 8.7.21, all versions starting from 9.0.0 before 9.5.2
Upgrade to versions 8.7.21, 9.5.2 or above.
2024-02-05
source |