Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:20846
HistoryJul 18, 2019 - 2:14 a.m.

Cross-Site Scripting (XSS)

2019-07-1802:14:17
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5

0.001 Low

EPSS

Percentile

44.8%

tinymce is vulnerable to Cross-Site Scripting. The library does not properly sanitise the input to the media element, allowing users to paste malicious content to media element’s embed tab to execute arbitrary Javascript code.

0.001 Low

EPSS

Percentile

44.8%