CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
RCE
XSS
NVD
GitHub
CVSS 4.0
2.3
EPSS
0.6%