CVE-2022-48110 Information

Description

CKSource CKEditor5 35.4.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Full Featured CKEditor5 widget.

Reference

https://packetstormsecurity.com/files/170927/CKSource-CKEditor5-35.4.0-Cross-Site-Scripting.html https://ckeditor.com/docs/ckeditor5/latest/features/html-embed.html