Количество 5
Количество 5
CVE-2024-38357
TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content parsing code. This allowed specially crafted noscript elements containing malicious code to be executed when that content was loaded into the editor. This vulnerability has been patched in TinyMCE 7.2.0, TinyMCE 6.8.4 and TinyMCE 5.11.0 LTS by ensuring that content within noscript elements are properly parsed. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2024-38357
TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content parsing code. This allowed specially crafted noscript elements containing malicious code to be executed when that content was loaded into the editor. This vulnerability has been patched in TinyMCE 7.2.0, TinyMCE 6.8.4 and TinyMCE 5.11.0 LTS by ensuring that content within noscript elements are properly parsed. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2024-38357
TinyMCE is an open source rich text editor. A cross-site scripting (XS ...
GHSA-w9jx-4g6g-rp7x
TinyMCE Cross-Site Scripting (XSS) vulnerability using noscript elements
BDU:2024-08354
Уязвимость редактора форматированного текста TinyMCE, существующая из-за непринятия мер по защите структуры веб-страницы, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-38357 TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content parsing code. This allowed specially crafted noscript elements containing malicious code to be executed when that content was loaded into the editor. This vulnerability has been patched in TinyMCE 7.2.0, TinyMCE 6.8.4 and TinyMCE 5.11.0 LTS by ensuring that content within noscript elements are properly parsed. Users are advised to upgrade. There are no known workarounds for this vulnerability. | CVSS3: 6.1 | 1% Низкий | больше 1 года назад |
 | CVE-2024-38357 TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content parsing code. This allowed specially crafted noscript elements containing malicious code to be executed when that content was loaded into the editor. This vulnerability has been patched in TinyMCE 7.2.0, TinyMCE 6.8.4 and TinyMCE 5.11.0 LTS by ensuring that content within noscript elements are properly parsed. Users are advised to upgrade. There are no known workarounds for this vulnerability. | CVSS3: 6.1 | 1% Низкий | больше 1 года назад |
| CVE-2024-38357 TinyMCE is an open source rich text editor. A cross-site scripting (XS ... | CVSS3: 6.1 | 1% Низкий | больше 1 года назад |
| GHSA-w9jx-4g6g-rp7x TinyMCE Cross-Site Scripting (XSS) vulnerability using noscript elements | CVSS3: 6.1 | 1% Низкий | больше 1 года назад |
 | BDU:2024-08354 Уязвимость редактора форматированного текста TinyMCE, существующая из-за непринятия мер по защите структуры веб-страницы, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS) | CVSS3: 6.1 | 1% Низкий | больше 1 года назад |
Уязвимостей на страницу