Lucene search
VulnCheckCVELIST:CVE-2024-21911HistoryJan 03, 2024 - 3:59 p.m.
CVE-2024-21911 Cross-site scripting vulnerability in TinyMCE
2024-01-0315:59:00
CWE-79
VulnCheck
www.cve.org
tinymce
cross-site scripting
version 5.6.0
0.004 Low
EPSS
Percentile
73.3%
TinyMCE versions before 5.6.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in another user’s browser.
CNA Affected
[
{
"collectionURL": "https://nuget.org/packages",
"defaultStatus": "unaffected",
"packageName": "TinyMCE",
"versions": [
{
"lessThan": "5.6.0",
"status": "affected",
"version": "0",
"versionType": "semver 2.0.0"
}
]
}
]Related
osv
osv
CVE-2024-21911
2024-01-03 16:15:09
Cross-site scripting vulnerability in TinyMCE
2021-01-06 19:27:54
cve
cve
CVE-2024-21911
2024-01-03 16:15:09
ubuntucve
ubuntucve
CVE-2024-21911
2024-01-03 00:00:00
github
github
Cross-site scripting vulnerability in TinyMCE
2021-01-06 19:27:54
prion
prion
Cross site scripting
2024-01-03 16:15:00
veracode
veracode
Cross-site Scripting (XSS)
2024-01-04 10:26:12
debiancve
debiancve
CVE-2024-21911
2024-01-03 16:15:09
nvd
nvd
CVE-2024-21911
2024-01-03 16:15:09