Home > Content Management, Cross Site Scripting, Remote Command Execution > Drupal CKEditor / FCKeditor Modules Cross Site Scripting and Code Execution Vulnerabilities

Drupal CKEditor / FCKeditor Modules Cross Site Scripting and Code Execution Vulnerabilities

March 30th, 2012

Application: Drupal
Affected Version:
* FCKeditor module versions 6.x-2.x prior to 6.x-2.3.
* CKEditor module versions 6.x-1.x prior to 6.x-1.9.
* CKEditor module versions 7.x-1.x prior to 7.x-1.7.
Vendor’s URL: CKEditor / FCKeditor Modules
Bug Type: Cross Site Scripting and Code Execution
Risk Level: Critical

Solution:
Update to a fixed version.

Content Management, Cross Site Scripting, Remote Command Execution

Comments are closed.