6.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
41.3%
Cross Site Scripting vulnerability in TinyMCE v.4.9.6 and before and v.5.0.0 thru v.5.1.4 allows an attacker to execute arbitrary code via the editor function.
github.com/tinymce/tinymce/security/advisories/GHSA-27gm-ghr9-4v95
portswigger.net/daily-swig/xss-vulnerability-patched-in-tinymce