Lucene search
+L

7 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/03/12 8:56 p.m.50 views

Security Bulletin: There is a vulnerability in tinymce-6.7.1.min.js used by IBM Maximo Asset Management application (CVE-2023-48219)

Summary There is a vulnerability in tinymce-6.7.1.min.js used by IBM Maximo Asset Management application. Vulnerability Details CVEID:CVE-2023-48219 DESCRIPTION: TinyMCE is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the text nodes. A remote attacke...

6.1CVSS6.1AI score0.00715EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/06 9:44 a.m.35 views

Security Bulletin: IBM Maximo Application Suite uses tinymce-5.10.8.tgz which is vulnerable to CVE-2023-48219

Summary IBM Maximo Application Suite uses tinymce-5.10.8.tgz which is vulnerable to CVE-2023-48219. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-48219 DESCRIPTION: TinyMCE is vulnerable to cross-site scripting, caused by...

6.1CVSS6.1AI score0.00715EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/01/24 12:0 a.m.28 views

FreeBSD : TinyMCE -- mXSS in multiple plugins (9532a361-b84d-11ee-b0d7-84a93843eb75)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 9532a361-b84d-11ee-b0d7-84a93843eb75 advisory. - TinyMCE is an open source rich text editor. A mutation cross-site scripting mXSS vulnerability was...

6.1CVSS5.7AI score0.00715EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/11/15 6:59 p.m.10 views

CVE-2023-48219 Special characters in unescaped text nodes can trigger mXSS in TinyMCE

TinyMCE is an open source rich text editor. A mutation cross-site scripting mXSS vulnerability was discovered in TinyMCE’s core undo/redo functionality and other APIs and plugins. Text nodes within specific parents are not escaped upon serialization according to the HTML standard. If such text...

6.1CVSS5.3AI score0.00715EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/11/15 6:59 p.m.40 views

CVE-2023-48219 Special characters in unescaped text nodes can trigger mXSS in TinyMCE

TinyMCE is an open source rich text editor. A mutation cross-site scripting mXSS vulnerability was discovered in TinyMCE’s core undo/redo functionality and other APIs and plugins. Text nodes within specific parents are not escaped upon serialization according to the HTML standard. If such text...

6.1CVSS5.9AI score0.00715EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2023/11/15 6:32 p.m.9 views

@agentlab/ldkg-ui-basetable (=0.1.1), @agentlab/ldkg-ui-charts (>=0.1.2 <=0.1.7) +330 more potentially affected by CVE-2023-48219 via tinymce (>=4.5.1 <=5.10.8)

tinymce NPM version =4.5.1, =0.1.2, =0.3.7, =0.1.17, =1.0.0, =1.0.0, =1.33.0, =1.0.0-alpha.39-baliz, =4.3.0, =0.5.0, =0.1.0, =0.0.4, =0.1.2, =0.8.4, =0.8.5 and more Source cves: CVE-2023-48219 Source advisory: OSV:GHSA-V626-R774-J7F8...

6.1CVSS6.3AI score0.00715EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/11/15 6:32 p.m.4 views

@arkxio/ark-ui (>=0.1.0 <=0.1.18), @arkxio/ark-ui-src (=0.1.0) +34 more potentially affected by CVE-2023-48219 via tinymce (>=6.0.0 <=6.6.2)

tinymce NPM version =6.0.0, =0.1.0, =0.1.19, =0.1.0, =0.1.0, =0.1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.2 and more Source cves: CVE-2023-48219 Source advisory: OSV:GHSA-V626-R774-J7F8...

6.1CVSS6.3AI score0.00715EPSS
Exploits0
Rows per page
Query Builder