皇上,还记得我吗?我就是1999年那个Linux伊甸园啊-----24小时滚动更新开源资讯,全年无休!

CKEditor 4.9.2 发布,可视化 HTML 编辑器

CKEditor 4.9.2 发布,可视化 HTML 编辑器

CKEditor 4.9.2 发布了,其中包含针对增强图像插件的安全修补程序,建议对 CKEditor 4.5.11 等以上版本进行升级。

安全更新:

  • Fixed XSS vulnerability in the Enhanced Image (image2) plugin reported by Kyaw Min Thein.

    Issue summary: It was possible to execute XSS inside CKEditor using the <img> tag and specially crafted HTML. Please note that the default presets (Basic/Standard/Full) do not include this plugin, so you are only at risk if you made a custom build and enabled this plugin.

更多详情可查看发布博客

下载地址:https://ckeditor.com/ckeditor-4/download/

转自 https://www.oschina.net/news/95329/ckeditor-4-9-2-released