Security Advisory

CVE-2024-21908

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-01-03 15:38:09

Last updated 2025-11-28 15:51:16

Assigner VulnCheck

State PUBLISHED

Description

TinyMCE versions before 5.9.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in another users browser.

← Browse all CVEs View on cve.org ↗