Tinymce@* Security Vulnerabilities and Issues — Tinymce@* CVE List

Lucene search

TinyTinymce*

3 matches found

CVE•added 2024/01/03 4:15 p.m.•57 views

CVE-2024-21910

TinyMCE versions before 5.10.0 are affected by a cross-site scripting vulnerability. A remote and unauthenticated attacker could introduce crafted image or link URLs that would result in the execution of arbitrary JavaScript in an editing user's browser.

6.1CVSS6.1AI score0.01211EPSS

CVE•added 2024/01/03 4:15 p.m.•53 views

CVE-2024-21911

TinyMCE versions before 5.6.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in another user's browser.

6.1CVSS5.9AI score0.00818EPSS

CVE•added 2024/01/03 4:15 p.m.•51 views

CVE-2024-21908

TinyMCE versions before 5.9.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in another user's browser.

6.1CVSS5.9AI score0.00365EPSS