NOTE: Enter just the SR ID number in order to find the associated Support Request.
SR-D66095 · Issue 529706
Cross-site scripting security added to Richtext Editor
Resolved in Pega Version 8.2.6
A scenario where HTML objects could be copied and pasted into CKEditor and the click action modified to perform different actions was traced to Pega event attributes present in the rich-text editor content. This has been corrected by blacklisting Pega event attributes like data-click, etc. In
Ready to crush complexity?
Experience the benefits of Pega Community when you log in.