Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:22425
HistoryJan 31, 2020 - 3:44 p.m.

Cross-site Scripting (XSS)

2020-01-3115:44:46
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
18

0.001 Low

EPSS

Percentile

41.3%

tinymce is vulnerable to cross-site scripting (XSS). The attack exists because it does not prevent the attacker from injecting a malicious script into the editor via the clipboard or APIs, allowing to execute the script when a user loads the editor.

0.001 Low

EPSS

Percentile

41.3%