The version of CKEditor used is outdated and contains known vulnerabilities. Recommendation: Update CKEditor to the latest version.


/cc_MscrmControls.RichTextEditor.RichTextEditorControl/libs/ckeditor/ckeditor.js

/msdyn_/RichTextEditorControl/libs/ckeditor_latest/ckeditor.js


Reference: https://security.snyk.io/package/npm/ckeditor4/4.20.1


Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to incorrect CDATA detection in the HTML parsing module. This flaw allows for the injection of malformed HTML content that bypasses the Advanced Content Filtering mechanism, potentially leading to the execution of JavaScript code. An attacker could exploit this vulnerability by manipulating CDATA content detection to launch an attack on the editor.
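One way to confirm which CKEditor release each bundled copy ships, as an added example that is not part of the original report or of CKEditor's own code. It assumes CKEditor 4 builds embed their release as `version:"x.y.z"` in `ckeditor.js`; the file contents and the `MIN_FIXED` threshold below are constructed placeholders, so take the real fixed version from the advisory.

```javascript
'use strict';

// Assumption: the build embeds its release as version:"x.y.z" (optionally with a -suffix).
const VERSION_RE = /\bversion\s*:\s*["'](\d+\.\d+\.\d+(?:-[0-9A-Za-z.]+)?)["']/;

// Return the first embedded version string, or null if none is found.
function extractVersion(source) {
  const m = VERSION_RE.exec(source);
  return m ? m[1] : null;
}

// Compare the numeric x.y.z parts only; a suffix such as "-lts" is ignored.
function compareVersions(a, b) {
  const pa = a.split('-')[0].split('.').map(Number);
  const pb = b.split('-')[0].split('.').map(Number);
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  }
  return 0;
}

// Classify one bundled file as 'outdated', 'ok' or 'unknown'.
function auditBundle(path, source, minFixed) {
  const version = extractVersion(source);
  if (version === null) return { path, version, status: 'unknown' };
  const status = compareVersions(version, minFixed) < 0 ? 'outdated' : 'ok';
  return { path, version, status };
}

// Placeholder threshold (hypothetical): replace with the fixed version from the advisory.
const MIN_FIXED = '4.99.0';

// Constructed file contents for the two paths named in the report.
const SAMPLES = {
  '/cc_MscrmControls.RichTextEditor.RichTextEditorControl/libs/ckeditor/ckeditor.js':
    'window.CKEDITOR||(window.CKEDITOR=function(){var d={timestamp:"X",version:"4.20.1",revision:"0"};',
  '/msdyn_/RichTextEditorControl/libs/ckeditor_latest/ckeditor.js':
    'window.CKEDITOR||(window.CKEDITOR=function(){var d={timestamp:"Y",version:"4.99.1-lts",revision:"0"};',
};

function auditAll(samples, minFixed) {
  return Object.entries(samples).map(([p, src]) => auditBundle(p, src, minFixed));
}

for (const r of auditAll(SAMPLES, MIN_FIXED)) {
  console.log(`${r.status.padEnd(8)} ${r.version}  ${r.path}`);
}
```

In practice, read each deployed `ckeditor.js` from disk or over HTTP and pass its text to `auditBundle`; a result of `unknown` means the file needs manual inspection.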

Category: General
Status: New