id,summary,reporter,owner,description,type,status,priority,milestone,component,version,resolution,keywords,cc
14380,XSS Vulnerability bug report,Balaji,,"== Steps to reproduce ==

1. Go to the Blog link http://ckeditor.com/blog/CKEditor-4.5.7-Released . Well, you can choose any blog from your website.
[[Image()]]
2. Go to the comment box and type the XSS payload as follows: ""/> in the Name and comment box area and store it.
3. After the comment is stored, you will see that the stored XSS has popped up.
4. This is a big risk: the malicious code is stored on the website using this editor. Now whoever comes to this page will become a victim of an XSS attack. Maybe the attacker can steal user account details or use other techniques.

== Expected result ==

== Actual result ==

POC = http://prntscr.com/a0762w

== Other details (browser, OS, CKEditor version, installed plugins) ==
",Bug,closed,Normal,,General,4.5.7,invalid,,