48 matches found
Dropbox: Forum posts and private messages are poorly sanitized, allowing execution of arbitrary JavaScript
The reporter informed us of both stored XSS vulnerabilities as well as unsafe css attributes that were allowed in forum posts due to TinyMCE editor. An upgrade to lithium's forum platform appears to have mitigated these vulnerabilities...
UBUNTU-CVE-2017-14726
Before version 4.8.2, WordPress was vulnerable to a cross-site scripting attack via shortcodes in the TinyMCE visual editor...
TinyBrowser (TinyMCE Editor File browser) 1.41.6 - Multiple Vulnerabilities
No description provided by source. ============================================================================== TinyBrowser TinyMCE Editor File browser 1.41.6 - Multiple Vulnerabilities ============================================================================== Discovered by Aung Khant, YGN...
Roundcube Webmail 0.8.0 - Stored XSS
No description provided by source. !/usr/bin/python ''' Exploit Title: Roundcube Webmail Stored XSS. Date: 14/08/2012 Exploit Author: Shai rod @NightRang3r Vendor Homepage: http://roundcube.net Software Link:...
Fedora 20 : moodle-2.5.3-1.fc20 (2013-21312)
Latest upstreams, multiple security fixes. Name: CVE-2013-6780 URL: https://vulners.com/cve/CVE-2013-6780 Assigned: 20131112 Reference: https://yuilibrary.com/support/20131111-vulnerability/ Cross-site scripting XSS vulnerability in uploader.swf in the Uploader component in Yahoo! YUI 2.5.0 throu...
Code injection
Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor...
UBUNTU-CVE-2013-3630
Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor...
CVE-2013-3630
Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor...