High severity vulnerability was found in npm ckeditor4 (npm) .
The vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4.
The problem has been recognized and patched. The fix will be available in version 4.17.0.
The CKEditor 4 team would like to thank William Bowling (wbowling) for recognizing and reporting this vulnerability.