tinymce
19 known vulnerabilities · 0 critical · 0 high
TinyMCE Cross-Site Scripting (XSS) vulnerability in handling iframes
TinyMCE Cross-Site Scripting (XSS) vulnerability in handling external SVG files through Object or Embed elements
TinyMCE Cross-Site Scripting (XSS) vulnerability using noscript elements
TinyMCE mXSS vulnerability in undo/redo, getContent API, resetContent API, and Autosave plugin
TinyMCE vulnerable to mutation Cross-site Scripting via special characters in unescaped text nodes
TinyMCE Cross-Site Scripting (XSS) vulnerability using sanitization bypass through nested SVGs
TinyMCE Cross-Site Scripting (XSS) vulnerability using through data-mce- prefixed src, href, style attributes
TinyMCE Cross-Site Scripting (XSS) vulnerability using media plugin `data-mce-object` injection
TinyMCE Cross-Site Scripting (XSS) vulnerability using noneditable_regexp option
TinyMCE Cross-Site Scripting (XSS) vulnerability through `mce:protected` comments
Malicious code in uploadcare-tinymce (npm)