TinyMCE Cross-Site Scripting (XSS) vulnerability in handling iframes

Impact A cross-site scripting XSS vulnerability was discovered in TinyMCE’s content insertion code. This allowed iframe elements containing malicious code to execute when inserted into the editor. These iframe elements are restricted in their permissions by same-origin browser protections, but...