CVE-2024-37888

Published
View on NVD ↗
CVSS v3
6.1
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT

Description

The Open Link is a CKEditor plugin, extending context menu with a possibility to open link in a new tab. The vulnerability allowed to execute JavaScript code by abusing link href attribute. It affects all users using the Open Link plugin at version < **1.0.5**.

mlewand/ckeditor-plugin-openlink
mlewand/ckeditor-plugin-openlink
Very simple plugin, extending context menu with a possibility to open link in a new tab.
GitHubGitHub
1