Lucene search
VulnCheckCVELIST:CVE-2024-21908HistoryJan 03, 2024 - 3:38 p.m.
CVE-2024-21908 Cross-site scripting vulnerability in TinyMCE
2024-01-0315:38:09
CWE-79
VulnCheck
www.cve.org
tinymce
cross-site scripting
vulnerability
html
javascript
0.002 Low
EPSS
Percentile
57.4%
TinyMCE versions before 5.9.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in another user’s browser.
CNA Affected
[
{
"collectionURL": "https://nuget.org/packages",
"defaultStatus": "unaffected",
"packageName": "TinyMCE",
"versions": [
{
"lessThan": "5.9.0",
"status": "affected",
"version": "0",
"versionType": "semver 2.0.0"
}
]
}
]Related
nvd
nvd
CVE-2024-21908
2024-01-03 16:15:08
osv
osv
Cross-site scripting vulnerability in TinyMCE
2021-10-22 16:24:02
CVE-2024-21908
2024-01-03 16:15:08
cve
cve
CVE-2024-21908
2024-01-03 16:15:08
debiancve
debiancve
CVE-2024-21908
2024-01-03 16:15:08
ubuntucve
ubuntucve
CVE-2024-21908
2024-01-03 00:00:00
github
github
Cross-site scripting vulnerability in TinyMCE
2021-10-22 16:24:02
prion
prion
Cross site scripting
2024-01-03 16:15:00