Name of the Vulnerable Software and Affected Versions Drupal (affected versions not specified)

Description The issue is related to the use of the CKEditor library for WYSIWYG editing in Drupal. Vulnerabilities are possible if Drupal is configured to allow the use of CKEditor, potentially leading to Cross-Site Scripting (XSS) attacks. An attacker who can create or edit content may exploit these vulnerabilities to target users with access to the WYSIWYG CKEditor, including site administrators with privileged access.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.