CKEditor vulnerabilities pose XSS threat to Drupal and other downstream applications
A pair of cross-site scripting (XSS) bugs, which are deemed ‘moderately critical’ by Drupal, could have a far-reaching impact since CKEditor is incorporated into numerous online applications.