AVG-2565 log
| Package | drupal |
| Status | Fixed |
| Severity | Medium |
| Type | cross-site scripting |
| Affected | 9.2.6-1 |
| Fixed | 9.2.9-1 |
| Current | 10.2.4-1 [extra] |
| Ticket | None |
| Created | Wed Nov 17 22:15:03 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-41165 | Medium | Yes | Cross-site scripting | In CKEditor4 before version 4.17.0, as used by Drupal before version 9.2.9, a vulnerability has been discovered in the core HTML processing module and may... |
| CVE-2021-41164 | Medium | Yes | Cross-site scripting | In CKEditor4 before version 4.17.0, as used by Drupal before version 9.2.9, a vulnerability has been discovered in the Advanced Content Filter (ACF) module... |