2 matches found
CVE-2023-45818
Concrete details confirm CVE-2023-45818 affects TinyMCE undo/redo logic, where HTML is mutated by a combination of string trimming and reparative parsing when restoring from the undo stack, enabling XSS. The issue also affects related APIs/plugins (tinymce.Editor.getContent({ format: 'raw' }), re...
TinyMCE Cross-Site Scripting Vulnerability
Tiny Technologies TinyMCE is a rich text editor from Tiny Technologies, Inc. A security vulnerability exists in TinyMCE, which stems from a mutant cross-site scripting mXSS vulnerability discovered in TinyMCE's core undo and redo functionality...