CVE-2025-6674 – Drupal CKEditor5 Youtube Cross-Site Scripting (XSS)

June 26, 2025

CVE ID : CVE-2025-6674

Published : June 26, 2025, 2:15 p.m. | 49 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Drupal CKEditor5 Youtube allows Cross-Site Scripting (XSS).This issue affects CKEditor5 Youtube: from 0.0.0 before 1.0.3.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6675 – Drupal Enterprise MFA – TFA Authentication Bypass

Next Article CVE-2025-6695 – LabRedesCefetRJ WeGIA Cross-Site Scripting Vulnerability

Coded Smorgasbord: High Strung

Chainguard launches trusted collection of verified JavaScript libraries

CData launches Connect AI to provide agents access to enterprise data sources

PostgreSQL 18 adds asynchronous I/O to improve performance

Distribution Release: Neptune 9.0

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

PHP 8.5.0 RC 1 available for testing

PHP 8.5.0 RC 1 available for testing

Terraform Code Generator Using Ollama and CodeGemma

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Distribution Release: Neptune 9.0

Distribution Release: Neptune 9.0

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

CVE-2025-6674 – Drupal CKEditor5 Youtube Cross-Site Scripting (XSS)

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-24473 – Fortinet FortiClient Information Disclosure

CVE-2025-20261 – Cisco IMC SSH Privilege Escalation Vulnerability

CVE-2025-34128 – X360 VideoPlayer Buffer Overflow Vulnerability

XOR Marks the Flaw in SAP GUI

Coinbase Details Insider Data Theft in Remarkable Disclosure

Borg ER-3 is a portable audio synthesizer

An Animated Introduction to Web Development from Back to Front

CVE-2025-7896 – “Harry0703 MoneyPrinterTurbo Remote Path Traversal Vulnerability”

CVE-2025-6674 – Drupal CKEditor5 Youtube Cross-Site Scripting (XSS)

Related Posts