VWE-2021-6076 Viewing Source [template]Vulnerability | aka= | severity=Medium | difficulty=Hard | description=HTML Injection. A malicious editor can save specially crafted content that is later loaded as WYSIWYG editor content by an unsuspecting user editing the same page, and if the second user opens certain editor dialogs while having that content selected, the content can be displayed to the user unescaped. | platform= | lite= | issueid= | discover-date=April 28, 2021 | patch-date=May 3, 2021 | patches=4.1.1 Patch Level 4 4.1.0 Patch Level 6 4.1.0 RC 3 Patch Level 8 | workaround= [/template] 586 characters