Description
CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5's packages in versions prior to 35.0.1. The vulnerability allowed to trigger a JavaScript code after fulfilling special conditions. The affected packages are `@ckeditor/ckeditor5-markdown-gfm`, `@ckeditor/ckeditor5-html-support`, and `@ckeditor/ckeditor5-html-embed`. The specific conditions are 1) Using one of the affected packages. In case of `ckeditor5-html-support` and `ckeditor5-html-embed`, additionally, it was required to use a configuration that allows unsafe markup inside the editor. 2) Destroying the editor instance and 3) Initializing the editor on an element and using an element other than `
Remediation
References
https://ckeditor.com/docs/ckeditor5/latest/features/general-html-support.html
https://ckeditor.com/docs/ckeditor5/latest/features/html-embed.html
https://ckeditor.com/docs/ckeditor5/latest/features/markdown.html
https://github.com/ckeditor/ckeditor5/security/advisories/GHSA-42wq-rch8-6f6j
Related Vulnerabilities
CVE-2013-4286 Vulnerability in maven package org.apache.tomcat:tomcat-coyote
CVE-2020-27216 Vulnerability in maven package jetty:jetty
CVE-2021-41182 Vulnerability in maven package org.webjars.bower:jquery-ui
CVE-2020-7238 Vulnerability in maven package io.netty:netty-all
CVE-2021-40865 Vulnerability in maven package org.apache.storm:storm-server