VulnerableCode Vulnerability Details - VCID-4xk4-5nps-4fcd

Search for vulnerabilities

Vulnerability details: VCID-4xk4-5nps-4fcd

Essentials
Severities (0)
References (1)
Severity details (0)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-4xk4-5nps-4fcd
Aliases	SA-CORE-2018-003
Summary	XSS Vulnerability CKEditor, a third-party JavaScript library included in Drupal core, is affected by a cross-site scripting (XSS) vulnerability. It's possible to execute XSS inside CKEditor when using the `image2` plugin.
Status	Published
Exploitability	0.5
Weighted Severity	0.0
Risk	None
Affected and Fixed Packages	Package Details

Weaknesses (0)

There are no known CWE.

System	Score	Found at
There are no known severity scores.

Reference id	Reference type	URL
		https://www.drupal.org/sa-core-2018-003

No exploits are available.

There are no known vectors.

No EPSS data available for this vulnerability.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T09:22:37.285993+00:00	GitLab Importer	Import	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/drupal/SA-CORE-2018-003.yml	37.0.0