6 matches found
EUVD-2020-15820
Malware in sbrugna...
CVE-2020-23066
Rejected reason: DO NOT USE THIS CVE ID NUMBER. Consult IDs: CVE-2020-17480. Reason: This CVE Record is a duplicate of CVE-2020-17480. Notes: All CVE users should reference CVE-2020-17480 instead of this record...
Cross-site scripting in TinyMCE
Overview tinymce before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor. Recommendation Upgrade to versions 4.9.7, 5.1.4 or later References - CVE - GitHub Advisory...
CVE-2020-17480
TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor...
CVE-2020-17480
The CVE-2020-17480 issue affects TinyMCE prior to 4.9.7 and 5.x prior to 5.1.4, where cross-site scripting can be triggered by inserting content via clipboard or editor APIs in the core parser, paste plugin, and visualchars plugin. The vulnerability arises from improper input validation and can b...
3h1-ui (>=2.14.41 <=3.0.0-next.258), @abt-desk/apm (>=0.0.1 <=0.33.12) +937 more potentially affected by CVE-2020-17480 via tinymce (>=5.0.11 <=5.1.0)
tinymce NPM version =5.0.11, =2.14.41, =0.0.1, =0.1.0, =0.1.2, =0.3.7, =0.1.17, =0.1.0, =0.0.1, =0.2.0-0, =1.0.18-beta.8, =1.0.0, =1.2.3-beta.1, =0.1.1, =1.0.0, =8.7.0 and more Source cves: CVE-2020-17480 Source advisory: OSV:GHSA-27GM-GHR9-4V95...