Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Tinymce Security Vulnerabilities - 2023

cve
cve

CVE-2023-45818

TinyMCE is an open source rich text editor. A mutation cross-site scripting (mXSS) vulnerability was discovered in TinyMCEโ€™s core undo and redo functionality. When a carefully-crafted HTML snippet passes the XSS sanitisation layer, it is manipulated as a string by internal trimming functions before...

6.1CVSS

5.7AI Score

0.001EPSS

2023-10-19 10:15 PM
43
cve
cve

CVE-2023-45819

TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCEโ€™s Notification Manager API. The vulnerability exploits TinyMCE's unfiltered notification system, which is used in error handling. The conditions for this exploit requires carefully craft...

6.1CVSS

6AI Score

0.001EPSS

2023-10-19 10:15 PM
35
cve
cve

CVE-2023-48219

TinyMCE is an open source rich text editor. A mutation cross-site scripting (mXSS) vulnerability was discovered in TinyMCEโ€™s core undo/redo functionality and other APIs and plugins. Text nodes within specific parents are not escaped upon serialization according to the HTML standard. If such text no...

6.1CVSS

5.7AI Score

0.001EPSS

2023-11-15 07:15 PM
60