{"id":7257,"date":"2025-06-26T09:21:23","date_gmt":"2025-06-26T09:21:23","guid":{"rendered":"http:\/\/localhost\/?p=7257"},"modified":"2025-06-26T09:21:23","modified_gmt":"2025-06-26T09:21:23","slug":"ckeditor5-youtube-moderately-critical-cross-site-scripting-sa-contrib-2025-081","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=7257","title":{"rendered":"CKEditor5 Youtube – Moderately critical – Cross-site Scripting – SA-CONTRIB-2025-081"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nCKEditor5 Youtube – Moderately critical – Cross-site Scripting – SA-CONTRIB-2025-081<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-06-26T13:33:17.444Z<\/td>\n<\/tr>\n
Last Seen<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nDrupal<\/td>\n<\/tr>\n
Product<\/th>\nCKEditor5 Youtube<\/td>\n<\/tr>\n
Version<\/th>\n0.0.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n\n\n\n
Base Score<\/th>\n0.0 ()<\/td>\n<\/tr>\n
Attack Vector<\/th>\n<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\n<\/td>\n<\/tr>\n
Integrity Impact<\/th>\n<\/td>\n<\/tr>\n
Availability Impact<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA Cross-Site Scripting (XSS) vulnerability in the CKEditor5 Youtube plugin for Drupal allows attackers to inject malicious scripts. This can lead to unauthorized actions on behalf of users. The issue is fixed in versions 1.0.3 and above.<\/td>\n<\/tr>\n
AI Severity<\/th>\nMedium<\/td>\n<\/tr>\n
Vendor<\/th>\nDrupal Community<\/td>\n<\/tr>\n
Product<\/th>\nCKEditor5 Youtube<\/td>\n<\/tr>\n
Affected Version<\/th>\n0.0.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n