CVE-2025-67479

A flaw was found in Wikimedia Foundation MediaWiki and Cite. This vulnerability is associated with the software's parsing and sanitization functions, specifically within CoreParserFunctions.Php and Sanitizer.Php. While the exact method of exploitation and its consequences are not fully detailed,...

UBUNTU-CVE-2025-67479

Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Cite. This vulnerability is associated with program files includes/Parser/CoreParserFunctions.Php, includes/Parser/Sanitizer.Php. This issue affects MediaWiki: from before 1.39.14, 1.43.4, 1.44.1; Cite: from before 1.39.14,...

Linux Distros Unpatched Vulnerability : CVE-2020-17480

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert...

CVE-2024-33259

Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component scannerseek at jerry-core/parser/js/js-scanner-util.c...

CVE-2024-33259

Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component scannerseek at jerry-core/parser/js/js-scanner-util.c...

CVE-2024-33260

Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component parserparseclass at jerry-core/parser/js/js-parser-expr.c...

CVE-2024-33259

Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component scannerseek at jerry-core/parser/js/js-scanner-util.c...

CVE-2023-34868

Jerryscript 3.0 commit 05dbbd1 was discovered to contain an Assertion Failure via the parserparseforstatementstart at jerry-core/parser/js/js-parser-statm.c...

CVE-2023-34868

Jerryscript 3.0 commit 05dbbd1 was discovered to contain an Assertion Failure via the parserparseforstatementstart at jerry-core/parser/js/js-parser-statm.c...

CVE-2023-31918

Jerryscript 3.0 commit 1a2c047 was discovered to contain an Assertion Failure via the parserparsefunctionarguments at jerry-core/parser/js/js-parser.c...

CVE-2020-17480

TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor...

UBUNTU-CVE-2020-17480

TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor...

Cross site scripting

TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor...

CVE-2020-17480

The CVE-2020-17480 issue affects TinyMCE prior to 4.9.7 and 5.x prior to 5.1.4, where cross-site scripting can be triggered by inserting content via clipboard or editor APIs in the core parser, paste plugin, and visualchars plugin. The vulnerability arises from improper input validation and can b...

GHSA-C78W-2GW7-GJV3 XSS in TinyMCE

Impact A cross-site scripting XSS vulnerability was discovered in: the core parser and media plugin. The vulnerability allowed arbitrary JavaScript execution when inserting a specially crafted piece of content into the editor via the clipboard or APIs. This impacts all users who are using TinyMCE...