CNNVD-202511-781 Information

CNNVD ID

CNNVD-202511-781

Related CVE

CVE-2025-61261

• CNNVD Published: 2025-11-07

Description (Chinese)

CKEditor是CKEditor开源的一个企业级 WYSIWYG 编辑器。 CKEditor v46.1.0版本和Angular v18.0.0版本存在安全漏洞，该漏洞源于反射型跨站脚本，可能导致攻击者在用户浏览器环境中执行任意代码。

Description (English)

CKEditor is an enterprise-level WYSIWYG editor for CKEditor. CKEditor v46.1.0 and Angular v18.0.0 had a security loophole, which originated in a reflector-type cross-site script, which could lead to any code being enforced by the attackers in the user browser environment.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

CKEditor

Published

2025-11-07

Last Modified

2026-02-24

References

https://github.com/ckeditor/ckeditor5/releases/tag/v46.1.0 https://senscybersecurity.nl/cve-2025-61261-explained/

Patch

https://github.com/ckeditor/ckeditor5/releases