High severity vulnerability on the domPurify package

[rma-atolcd]

Hi !

The package uses domPurify in 3.0.3 in the current latest version of tinymce-bundle, unfortunately this version of domPurify suffers from a high severity vulnerability.

The domPurify package would need to be updated to version 3.1.3.

Thanks !

[EmilePerron]

Hi there! Sorry for the delay on this.

This should now be fixed in v2.1.0 which bumps up the version of TinyMCE to 6.8.5, which also update the underlying domPurify dependency.

Cheers!