tinymce Media element component cross-site scripting vulnerability
tinymce is a JavaScript library for rich text editing . A cross-site scripting vulnerability exists in the Media element component in tinymce version 4.7.11, 4.7.12. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the...