Security Advisory

CVE-2024-21911

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-01-03 15:59:00

Last updated 2026-06-23 16:13:08

Assigner VulnCheck

State PUBLISHED

Description

TinyMCE versions before 5.6.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in another users browser.

← Browse all CVEs View on cve.org ↗