Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned, use: (affected versions not specified)

Description: The issue concerns the rich text editor, which fails to escape attribute data when previewing custom tags. This allows for potential XSS attacks if custom tags are used, specifically targeting users with access to editing rich text content. The frontend content view is not affected, but the vulnerability could be exploited by editors to attack other editors.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.