-
Notifications
You must be signed in to change notification settings - Fork 2.2k
Security: tinymce/tinymce
Security Navigation
Security Advisories
View information about security vulnerabilities from this repository's maintainers.
-
TinyMCE Cross-Site Scripting (XSS) vulnerability using noneditable_regexp optionGHSA-9hcv-j9pv-qmph published
Jun 19, 2024 by EkimChauModerate -
TinyMCE Cross-Site Scripting (XSS) vulnerability using noscript elementsGHSA-w9jx-4g6g-rp7x published
Jun 19, 2024 by EkimChauModerate -
TinyMCE Cross-Site Scripting (XSS) vulnerability in handling iframesGHSA-438c-3975-5x3f published
Mar 26, 2024 by EkimChauModerate -
TinyMCE Cross-Site Scripting (XSS) vulnerability in handling external SVG files through Object or Embed elementsGHSA-5359-pvf2-pw78 published
Mar 26, 2024 by EkimChauModerate -
Special characters in unescaped text nodes can trigger mXSS when using TinyMCE undo/redo, getContentAPI, resetContentAPI, and Autosave pluginGHSA-v626-r774-j7f8 published
Nov 15, 2023 by mkzhxModerate -
XSS vulnerability in TinyMCE notificationManager.open APIGHSA-hgqx-r2hp-jr38 published
Oct 19, 2023 by mkzhxModerate -
mXSS vulnerability in TinyMCE undo/redo, getContent API, resetContent API, and Autosave pluginGHSA-v65r-p3vv-jjfv published
Oct 19, 2023 by mkzhxModerate -
Cross-site scripting vulnerability in TinyMCE alertsGHSA-gg8r-xjwq-4w92 published
Dec 8, 2022 by lnewsonModerate -
Cross-site scripting vulnerability in TinyMCEGHSA-5h9g-x5rv-25wg published
Oct 21, 2021 by lnewsonModerate -
Cross-site scripting vulnerability in TinyMCE pluginsGHSA-r8hm-w5f7-wj39 published
Nov 1, 2021 by lnewsonModerate