Security Advisory

CVE-2024-29881

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-03-26 13:31:15

Last updated 2024-08-02 17:59:24

Assigner GitHub_M

State PUBLISHED

Description

TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content loading and content inserting code. A SVG image could be loaded though an `object` or `embed` element and that image could potentially contain a XSS payload. This vulnerability is fixed in 6.8.1 and 7.0.0.

← Browse all CVEs View on cve.org ↗