tinymce/tinymce Security Advisories for 6.7.1 (3)
-
[MEDIUM] TinyMCE Cross-Site Scripting (XSS) vulnerability in handling iframes
PKSA-s5r2-shvb-ydth CVE-2024-29203 GHSA-438c-3975-5x3f
Affected version: <6.8.1
Reported by:
GitHub -
[MEDIUM] TinyMCE Cross-Site Scripting (XSS) vulnerability in handling external SVG files through Object or Embed elements
PKSA-hdg2-6rxt-d4qn CVE-2024-29881 GHSA-5359-pvf2-pw78
Affected version: <7.0.0
Reported by:
GitHub -
[MEDIUM] TinyMCE vulnerable to mutation Cross-site Scripting via special characters in unescaped text nodes
PKSA-mymm-sn83-mbb2 CVE-2023-48219 GHSA-v626-r774-j7f8
Affected version: >=6.0.0,<6.7.3|<5.10.9
Reported by:
GitHub