Drupal CKEditor 3.0 - 3.6.2 - Persistent EventHandler XSS

AWS · Jan 18, 2012

There is a bug in Drupals implementation of CKEditor which can lead to an admin running malicious code. Drupal is not the only software that uses CKEditor so this could affect other scripts like IPB, vBulletin and others.

CKEditor is prone to Persistent Cross-Site Scripting within the actual editor, as it is possible for an attacker could maliciously inject eventhandlers serving java-script code in preview / editing in html mode.

If an attacker injects an eventhandler into an image, such as "onload='alert(0);'",
then the javascript will execute, even if the data is saved and previewed in editing mode later on. (The XSS will only executing during preview / editing in html mode.)
Click to expand...

Read the full security bulletin

Log in or Sign up

Drupal CKEditor 3.0 - 3.6.2 - Persistent EventHandler XSS

AWS Administrator Admin Talk Staff

Share This Page

About Us

Quick Navigation

Follow us on Twitter

Log in or Sign up

Useful Searches

Drupal CKEditor 3.0 - 3.6.2 - Persistent EventHandler XSS

AWS Administrator Admin Talk Staff

Share This Page