RSS   Vulnerabilities for 'Tinymce'   RSS

2020-08-14
 
CVE-2020-12648

CWE-79
 

 
A cross-site scripting (XSS) vulnerability in TinyMCE 5.2.1 and earlier allows remote attackers to inject arbitrary web script when configured in classic editing mode.

 
2020-08-10
 
CVE-2020-17480

CWE-79
 

 
TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor.

 

 >>> Vendor: TINY 3 Products
Tinymce
Plupload
Moxiemanager


Copyright 2024, cxsecurity.com

 

Back to Top