CVE-2020-13669

CVE-2020-13669

Vendor Drupal
Product Core
Weakness CWE-79 · XSS
Published February 11, 2022
Last update August 4, 2024
View on NVD All CVEs

CVSS base score

What the vulnerability does

01Description

Cross-site Scripting (XSS) vulnerability in ckeditor of Drupal Core allows attacker to inject XSS. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10.; 8.9.x versions prior to 8.9.6; 9.0.x versions prior to 9.0.6.

Key dates

02Disclosure timeline

February 11, 2022 CVE published
August 4, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2023-27439 WordPress New Adman Plugin <= 1.6.8 is vulnerable to Cross Site Scripting (XSS) CVE-2024-5879 HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics <= 11.1.22 - Authenticated (Contributor+) Stored Cross-Site Scripting via HubSpot Meeting Widget CVE-2022-4866 Cross-site Scripting (XSS) - Stored in usememos/memos CVE-2026-47638 Microsoft SharePoint Server Spoofing Vulnerability CVE-2025-0930 Reflected Cross-Site Scripting (XSS) vulnerability in TeamCal Neo