CVE-2024-38356 | TinyMCE up to 5.11.0/6.8.3/7.2.0 cross site scripting (GHSA-9hcv-j9pv-qmph)

Posted by Angelo Barbosa | Jun 19, 2024 | CVE

A vulnerability was found in TinyMCE up to 5.11.0/6.8.3/7.2.0. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting.

The identification of this vulnerability is CVE-2024-38356. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-38356 | TinyMCE up to 5.11.0/6.8.3/7.2.0 cross site scripting (GHSA-9hcv-j9pv-qmph)

Related Posts

CVE-2024-9075 | Stirling-Tools Stirling-PDF up to 0.28.3 Markdown-to-PDF cross site scripting

CVE-2024-7709 | OcoMon 4.0 URL require_access_recovery.php cross site scripting

CVE-2024-41016 | Linux Kernel up to 6.10 ocfs2_xattr_find_entry out-of-bounds (af77c4fc1871)

CVE-2024-47841 | Wikimedia CSS Extension up to 1.39.8/1.41.2/1.42.1 on Mediawiki path traversal