AVG-2565 log

Package drupal
Status Fixed
Severity Medium
Type cross-site scripting
Affected 9.2.6-1
Fixed 9.2.9-1
Current 10.2.4-1 [extra]
Ticket None
Created Wed Nov 17 22:15:03 2021
Issue Severity Remote Type Description
CVE-2021-41165 Medium Yes Cross-site scripting
In CKEditor4 before version 4.17.0, as used by Drupal before version 9.2.9, a vulnerability has been discovered in the core HTML processing module and may...
CVE-2021-41164 Medium Yes Cross-site scripting
In CKEditor4 before version 4.17.0, as used by Drupal before version 9.2.9, a vulnerability has been discovered in the Advanced Content Filter (ACF) module...