Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » RadEditor web editor vulnerable to XSS attacks

RadEditor web editor vulnerable to XSS attacks

2014/09/29

Threatpost - (International) A researcher identified and reported a cross-site scripting (XSS) vulnerability in the RadEditor text editor used in several Microsoft products that could allow attackers to inject malicious script and obtain private data. The vulnerability was closed by Telerik September 24.

Source: http://threatpost.com/radeditor-web-editor-vulnerable-to-xss-attacks

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:21:53