CVE-2019-9870

CVE-2019-9870

EPSS 1.8%

plugin.js in the w8tcha oEmbed plugin before 2019-03-14 for CKEditor mishandles SCRIPT elements.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/w8tcha/CKEditor-oEmbed-Plugin/commit/10f6169e39510bbf5af913886037044458b9dc9b https://github.com/w8tcha/CKEditor-oEmbed-Plugin/issues/94