Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2021-011
Project: Drupal core
Date: 2021-November-17
Security risk: Moderately critical 13∕25
Vulnerability: Cross Site Scripting
Description
The Drupal project uses the CKEditor library for WYSIWYG editing. CKEditor has released a security update that impacts Drupal, along with a hotfix for that update.