SR-D66095 · Issue 529706
Cross-site scripting security added to Richtext Editor
Resolved in Pega Version 8.2.6
A scenario where HTML objects could be copied and pasted into CKEditor and the click action modified to perform different actions was traced to Pega event attributes present in the rich-text editor content. This has been corrected by blacklisting Pega event attributes like data-click, etc. In