Tinymce Security Vulnerabilities and Issues — Tinymce CVE List

Lucene search

TinyTinymce

3 matches found

CVE•added 2023/11/15 7:15 p.m.•78 views

CVE-2023-48219

TinyMCE is an open source rich text editor. A mutation cross-site scripting (mXSS) vulnerability was discovered in TinyMCE’s core undo/redo functionality and other APIs and plugins. Text nodes within specific parents are not escaped upon serialization according to the HTML standard. If such text no...

6.1CVSS5.8AI score0.02622EPSS

CVE•added 2023/10/19 10:15 p.m.•55 views

CVE-2023-45818

TinyMCE is an open source rich text editor. A mutation cross-site scripting (mXSS) vulnerability was discovered in TinyMCE’s core undo and redo functionality. When a carefully-crafted HTML snippet passes the XSS sanitisation layer, it is manipulated as a string by internal trimming functions before...

6.1CVSS5.8AI score0.01282EPSS

CVE•added 2023/10/19 10:15 p.m.•48 views

CVE-2023-45819

TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s Notification Manager API. The vulnerability exploits TinyMCE's unfiltered notification system, which is used in error handling. The conditions for this exploit requires carefully craft...

6.1CVSS6AI score0.0284EPSS