CkEditor 4.12.1 not secure affect wisej 2.5 and 3.5

Answered

Hi,

not a wisej problem but a ckeditor vulnerability.

Now it show a message “This CKEditor 4.12.1 version is not secure. Consider upgrading to the lasto one, 4.24.0-lts”

but the last version do not work with wisej.

For now I work around adding in startup.js of ckeditor extension

config.versionCheck = false;

best

Cristian

Bugs

Cristian Zerbinati asked Jul 2, 2024 - 8:44 am

You must login to post comments

Answers (3)

Great Answer

Hi Christian ,

We just have released an update to the CKEditor extensions, it’s the NuGet package version 3.5.10-preview2.
The new VersionCheck property is introduced in that version and it defaults to false.

Best regards,
Alaa

Alaa (ITG) answered Jul 8, 2024 - 12:41 pm

- Cristian Zerbinati
- Jul 8, 2024 - 12:49 pm
Hi Alaa, thank you

You must login to post comments

If I want to keep using old extensio where exactly this needs to be updated?

in the extension source code or it is possible to define it in the app using the extension?

I was searching throught app release and I cannot find startup.js.

Thanx,

Dino Novak answered Jul 11, 2024 - 9:28 am

- Alaa (ITG)
- Jul 11, 2024 - 9:30 am
Set CKEditor.Options.versionCheck to false before the CKEditor widget itself is rendered, i.e in a form load event for example, and follow it with CKEditor.Update() to refresh the component.
- Cristian Zerbinati
- Jul 11, 2024 - 9:51 am
I Dino, you are right, on your old extension, open startup.js and add this config.versionCheck = false;//add cristian I have add after CKEDITOR_BASEPATH = options.basePath; at row 42

You must login to post comments

Hi Christian,

A new property VersionCheck is going to be introduced for the CKEditor 4 extension in the newer version of Wisej 3.5.

As a workaround, you can do “CKEditor.Options.versionCheck = false” in your code.

Download Wisej.NET datasheet Printable version (pdf)

Ask questions and get help on the Wisej.NET Forum

Explore Wisej.NET online documentation