- Issue created by @catch
- First commit to issue fork.
https://www.npmjs.com/package/ckeditor5/v/41.3.2
This is a backport of a ckeditor5 security release. The security doesn't affect any versions of Drupal because it's to do with the ckeditor5 block editor, but good to not be running a version that is technically vulnerable.
Active
10.3 ✨
ckeditor5.module
It makes Drupal less vulnerable to abuse or misuse. Note, this is the preferred tag, though the Security tag has a large body of issues tagged to it. Do NOT publicly disclose security vulnerabilities; contact the security team instead. Anyone (whether security team or not) can apply this tag to security improvements that do not directly present a vulnerability e.g. hardening an API to add filtering to reduce a common mistake in contributed modules.
It is used for security vulnerabilities which do not need a security advisory. For example, security issues in projects which do not have security advisory coverage, or forward-porting a change already disclosed in a security advisory. See Drupal’s security advisory policy for details. Be careful publicly disclosing security vulnerabilities! Use the “Report a security vulnerability” link in the project page’s sidebar. See how to report a security issue for details.