[Secure-testing-team] Bug#752873: fckeditor: CVE-2014-4037

Moritz Muehlenhoff jmm at inutil.org
Fri Jun 27 09:45:03 UTC 2014 

Package: fckeditor
Severity: grave
Tags: security
Justification: user security hole

Hi,
please see 
http://packetstormsecurity.com/files/126902/FCKeditor-2.6.10-Cross-Site-Scripting.html
http://ckeditor.com/blog/FCKeditor-2.6.11-Released

Cheers,
        Moritz

More information about the Secure-testing-team mailing list