Vulnerabilites related to tiny - tinymce
cve-2024-21908
Vulnerability from cvelistv5
Published
2024-01-03 15:38
Modified
2024-08-01 22:35
Severity ?
EPSS score ?
Summary
TinyMCE versions before 5.9.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in another user's browser.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/tinymce/tinymce/security/advisories/GHSA-5h9g-x5rv-25wg | vendor-advisory | |
| https://www.tiny.cloud/docs/release-notes/release-notes59/#securityfixes | related | |
| https://github.com/advisories/GHSA-5h9g-x5rv-25wg | third-party-advisory | |
| https://vulncheck.com/advisories/vc-advisory-GHSA-5h9g-x5rv-25wg | third-party-advisory |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:33.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-5h9g-x5rv-25wg"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://www.tiny.cloud/docs/release-notes/release-notes59/#securityfixes"
},
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-5h9g-x5rv-25wg"
},
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://vulncheck.com/advisories/vc-advisory-GHSA-5h9g-x5rv-25wg"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://nuget.org/packages",
"defaultStatus": "unaffected",
"packageName": "TinyMCE",
"versions": [
{
"lessThan": "5.9.0",
"status": "affected",
"version": "0",
"versionType": "semver 2.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eTinyMCE versions before 5.9.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in another user\u0027s browser.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "\nTinyMCE versions before 5.9.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in another user\u0027s browser.\n\n\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-03T15:38:09.664Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-5h9g-x5rv-25wg"
},
{
"tags": [
"related"
],
"url": "https://www.tiny.cloud/docs/release-notes/release-notes59/#securityfixes"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://github.com/advisories/GHSA-5h9g-x5rv-25wg"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://vulncheck.com/advisories/vc-advisory-GHSA-5h9g-x5rv-25wg"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Cross-site scripting vulnerability in TinyMCE"
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2024-21908",
"datePublished": "2024-01-03T15:38:09.664Z",
"dateReserved": "2024-01-03T14:21:17.583Z",
"dateUpdated": "2024-08-01T22:35:33.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-23494
Vulnerability from cvelistv5
Published
2022-12-08 21:29
Modified
2024-08-03 03:43
Severity ?
EPSS score ?
Summary
tinymce is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in the alert and confirm dialogs when these dialogs were provided with malicious HTML content. This can occur in plugins that use the alert or confirm dialogs, such as in the `image` plugin, which presents these dialogs when certain errors occur. The vulnerability allowed arbitrary JavaScript execution when an alert presented in the TinyMCE UI for the current user. This vulnerability has been patched in TinyMCE 5.10.7 and TinyMCE 6.3.1 by ensuring HTML sanitization was still performed after unwrapping invalid elements. Users are advised to upgrade to either 5.10.7 or 6.3.1. Users unable to upgrade may ensure the the `images_upload_handler` returns a valid value as per the images_upload_handler documentation.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:43:46.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/tinymce/tinymce/security/advisories/GHSA-gg8r-xjwq-4w92",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-gg8r-xjwq-4w92"
},
{
"name": "https://github.com/tinymce/tinymce/commit/6923d85eba6de3e08ebc9c5a387b5abdaa21150e",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/tinymce/tinymce/commit/6923d85eba6de3e08ebc9c5a387b5abdaa21150e"
},
{
"name": "https://github.com/tinymce/tinymce/commit/8bb2d2646d4e1a718fce61a775fa22e9d317b32d",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/tinymce/tinymce/commit/8bb2d2646d4e1a718fce61a775fa22e9d317b32d"
},
{
"name": "https://www.tiny.cloud/docs/release-notes/release-notes5107/#securityfixes",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tiny.cloud/docs/release-notes/release-notes5107/#securityfixes"
},
{
"name": "https://www.tiny.cloud/docs/tinymce/6/6.3-release-notes/#security-fixes",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tiny.cloud/docs/tinymce/6/6.3-release-notes/#security-fixes"
},
{
"name": "https://www.tiny.cloud/docs/tinymce/6/file-image-upload/#images_upload_handler",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tiny.cloud/docs/tinymce/6/file-image-upload/#images_upload_handler"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "tinymce",
"vendor": "tinymce",
"versions": [
{
"status": "affected",
"version": "\u003c 5.10.7"
},
{
"status": "affected",
"version": "\u003e= 6.0.0, \u003c 6.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "tinymce is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in the alert and confirm dialogs when these dialogs were provided with malicious HTML content. This can occur in plugins that use the alert or confirm dialogs, such as in the `image` plugin, which presents these dialogs when certain errors occur. The vulnerability allowed arbitrary JavaScript execution when an alert presented in the TinyMCE UI for the current user. This vulnerability has been patched in TinyMCE 5.10.7 and TinyMCE 6.3.1 by ensuring HTML sanitization was still performed after unwrapping invalid elements. Users are advised to upgrade to either 5.10.7 or 6.3.1. Users unable to upgrade may ensure the the `images_upload_handler` returns a valid value as per the images_upload_handler documentation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-08T21:29:26.610Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/tinymce/tinymce/security/advisories/GHSA-gg8r-xjwq-4w92",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-gg8r-xjwq-4w92"
},
{
"name": "https://github.com/tinymce/tinymce/commit/6923d85eba6de3e08ebc9c5a387b5abdaa21150e",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/tinymce/tinymce/commit/6923d85eba6de3e08ebc9c5a387b5abdaa21150e"
},
{
"name": "https://github.com/tinymce/tinymce/commit/8bb2d2646d4e1a718fce61a775fa22e9d317b32d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/tinymce/tinymce/commit/8bb2d2646d4e1a718fce61a775fa22e9d317b32d"
},
{
"name": "https://www.tiny.cloud/docs/release-notes/release-notes5107/#securityfixes",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tiny.cloud/docs/release-notes/release-notes5107/#securityfixes"
},
{
"name": "https://www.tiny.cloud/docs/tinymce/6/6.3-release-notes/#security-fixes",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tiny.cloud/docs/tinymce/6/6.3-release-notes/#security-fixes"
},
{
"name": "https://www.tiny.cloud/docs/tinymce/6/file-image-upload/#images_upload_handler",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tiny.cloud/docs/tinymce/6/file-image-upload/#images_upload_handler"
}
],
"source": {
"advisory": "GHSA-gg8r-xjwq-4w92",
"discovery": "UNKNOWN"
},
"title": "Cross-site scripting vulnerability in TinyMCE alerts"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-23494",
"datePublished": "2022-12-08T21:29:26.610Z",
"dateReserved": "2022-01-19T21:23:53.766Z",
"dateUpdated": "2024-08-03T03:43:46.467Z",
"requesterUserId": "c184a3d9-dc98-4c48-a45b-d2d88cf0ac74",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-45818
Vulnerability from cvelistv5
Published
2023-10-19 21:18
Modified
2024-09-12 15:36
Severity ?
EPSS score ?
Summary
TinyMCE is an open source rich text editor. A mutation cross-site scripting (mXSS) vulnerability was discovered in TinyMCE’s core undo and redo functionality. When a carefully-crafted HTML snippet passes the XSS sanitisation layer, it is manipulated as a string by internal trimming functions before being stored in the undo stack. If the HTML snippet is restored from the undo stack, the combination of the string manipulation and reparative parsing by either the browser's native [DOMParser API](https://developer.mozilla.org/en-US/docs/Web/API/DOMParser) (TinyMCE 6) or the SaxParser API (TinyMCE 5) mutates the HTML maliciously, allowing an XSS payload to be executed. This vulnerability has been patched in TinyMCE 5.10.8 and TinyMCE 6.7.1 by ensuring HTML is trimmed using node-level manipulation instead of string manipulation. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:29:32.376Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/tinymce/tinymce/security/advisories/GHSA-v65r-p3vv-jjfv",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-v65r-p3vv-jjfv"
},
{
"name": "https://researchgate.net/publication/266654651_mXSS_attacks_Attacking_well-secured_web-applications_by_using_innerHTML_mutations",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://researchgate.net/publication/266654651_mXSS_attacks_Attacking_well-secured_web-applications_by_using_innerHTML_mutations"
},
{
"name": "https://tiny.cloud/docs/release-notes/release-notes5108/#securityfixes",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tiny.cloud/docs/release-notes/release-notes5108/#securityfixes"
},
{
"name": "https://tiny.cloud/docs/tinymce/6/6.7.1-release-notes/#security-fixes",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tiny.cloud/docs/tinymce/6/6.7.1-release-notes/#security-fixes"
},
{
"name": "https://www.tiny.cloud/docs/api/tinymce.html/tinymce.html.saxparser/",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tiny.cloud/docs/api/tinymce.html/tinymce.html.saxparser/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-45818",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-12T15:36:29.394147Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-12T15:36:41.178Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "tinymce",
"vendor": "tinymce",
"versions": [
{
"status": "affected",
"version": "\u003c 5.10.8"
},
{
"status": "affected",
"version": "\u003e= 6.0.0, \u003c 6.7.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TinyMCE is an open source rich text editor. A mutation cross-site scripting (mXSS) vulnerability was discovered in TinyMCE\u2019s core undo and redo functionality. When a carefully-crafted HTML snippet passes the XSS sanitisation layer, it is manipulated as a string by internal trimming functions before being stored in the undo stack. If the HTML snippet is restored from the undo stack, the combination of the string manipulation and reparative parsing by either the browser\u0027s native [DOMParser API](https://developer.mozilla.org/en-US/docs/Web/API/DOMParser) (TinyMCE 6) or the SaxParser API (TinyMCE 5) mutates the HTML maliciously, allowing an XSS payload to be executed. This vulnerability has been patched in TinyMCE 5.10.8 and TinyMCE 6.7.1 by ensuring HTML is trimmed using node-level manipulation instead of string manipulation. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-19T21:18:01.297Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/tinymce/tinymce/security/advisories/GHSA-v65r-p3vv-jjfv",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-v65r-p3vv-jjfv"
},
{
"name": "https://researchgate.net/publication/266654651_mXSS_attacks_Attacking_well-secured_web-applications_by_using_innerHTML_mutations",
"tags": [
"x_refsource_MISC"
],
"url": "https://researchgate.net/publication/266654651_mXSS_attacks_Attacking_well-secured_web-applications_by_using_innerHTML_mutations"
},
{
"name": "https://tiny.cloud/docs/release-notes/release-notes5108/#securityfixes",
"tags": [
"x_refsource_MISC"
],
"url": "https://tiny.cloud/docs/release-notes/release-notes5108/#securityfixes"
},
{
"name": "https://tiny.cloud/docs/tinymce/6/6.7.1-release-notes/#security-fixes",
"tags": [
"x_refsource_MISC"
],
"url": "https://tiny.cloud/docs/tinymce/6/6.7.1-release-notes/#security-fixes"
},
{
"name": "https://www.tiny.cloud/docs/api/tinymce.html/tinymce.html.saxparser/",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tiny.cloud/docs/api/tinymce.html/tinymce.html.saxparser/"
}
],
"source": {
"advisory": "GHSA-v65r-p3vv-jjfv",
"discovery": "UNKNOWN"
},
"title": "Cross-site Scripting vulnerability in TinyMCE undo/redo, getContent API, resetContent API, and Autosave plugin"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-45818",
"datePublished": "2023-10-19T21:18:01.297Z",
"dateReserved": "2023-10-13T12:00:50.438Z",
"dateUpdated": "2024-09-12T15:36:41.178Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-45819
Vulnerability from cvelistv5
Published
2023-10-19 21:13
Modified
2024-09-12 17:49
Severity ?
EPSS score ?
Summary
TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s Notification Manager API. The vulnerability exploits TinyMCE's unfiltered notification system, which is used in error handling. The conditions for this exploit requires carefully crafted malicious content to have been inserted into the editor and a notification to have been triggered. When a notification was opened, the HTML within the text argument was displayed unfiltered in the notification. The vulnerability allowed arbitrary JavaScript execution when an notification presented in the TinyMCE UI for the current user. This issue could also be exploited by any integration which uses a TinyMCE notification to display unfiltered HTML content. This vulnerability has been patched in TinyMCE 5.10.8 and TinyMCE 6.7.1 by ensuring that the HTML displayed in the notification is sanitized, preventing the exploit. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/tinymce/tinymce/security/advisories/GHSA-hgqx-r2hp-jr38 | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:29:32.385Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/tinymce/tinymce/security/advisories/GHSA-hgqx-r2hp-jr38",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-hgqx-r2hp-jr38"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-45819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-12T17:48:46.312994Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-12T17:49:09.927Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "tinymce",
"vendor": "tinymce",
"versions": [
{
"status": "affected",
"version": "\u003c 5.10.8"
},
{
"status": "affected",
"version": "\u003e= 6.0.0, \u003c 6.7.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE\u2019s Notification Manager API. The vulnerability exploits TinyMCE\u0027s unfiltered notification system, which is used in error handling. The conditions for this exploit requires carefully crafted malicious content to have been inserted into the editor and a notification to have been triggered. When a notification was opened, the HTML within the text argument was displayed unfiltered in the notification. The vulnerability allowed arbitrary JavaScript execution when an notification presented in the TinyMCE UI for the current user. This issue could also be exploited by any integration which uses a TinyMCE notification to display unfiltered HTML content. This vulnerability has been patched in TinyMCE 5.10.8 and TinyMCE 6.7.1 by ensuring that the HTML displayed in the notification is sanitized, preventing the exploit. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-19T21:13:07.155Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/tinymce/tinymce/security/advisories/GHSA-hgqx-r2hp-jr38",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-hgqx-r2hp-jr38"
}
],
"source": {
"advisory": "GHSA-hgqx-r2hp-jr38",
"discovery": "UNKNOWN"
},
"title": "Cross-site Scripting vulnerability in TinyMCE notificationManager.open API"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-45819",
"datePublished": "2023-10-19T21:13:07.155Z",
"dateReserved": "2023-10-13T12:00:50.438Z",
"dateUpdated": "2024-09-12T17:49:09.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-12648
Vulnerability from cvelistv5
Published
2020-08-14 13:52
Modified
2024-08-04 12:04
Severity ?
EPSS score ?
Summary
A cross-site scripting (XSS) vulnerability in TinyMCE 5.2.1 and earlier allows remote attackers to inject arbitrary web script when configured in classic editing mode.
References
| ▼ | URL | Tags |
|---|---|---|
| https://labs.bishopfox.com/advisories/tinymce-version-5.2.1 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.848Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://labs.bishopfox.com/advisories/tinymce-version-5.2.1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-08-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in TinyMCE 5.2.1 and earlier allows remote attackers to inject arbitrary web script when configured in classic editing mode."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-14T13:52:29",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://labs.bishopfox.com/advisories/tinymce-version-5.2.1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12648",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A cross-site scripting (XSS) vulnerability in TinyMCE 5.2.1 and earlier allows remote attackers to inject arbitrary web script when configured in classic editing mode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://labs.bishopfox.com/advisories/tinymce-version-5.2.1",
"refsource": "MISC",
"url": "https://labs.bishopfox.com/advisories/tinymce-version-5.2.1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12648",
"datePublished": "2020-08-14T13:52:29",
"dateReserved": "2020-05-04T00:00:00",
"dateUpdated": "2024-08-04T12:04:22.848Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1010091
Vulnerability from cvelistv5
Published
2019-07-17 16:35
Modified
2024-08-05 03:07
Severity ?
EPSS score ?
Summary
tinymce 4.7.11, 4.7.12 is affected by: CWE-79: Improper Neutralization of Input During Web Page Generation. The impact is: JavaScript code execution. The component is: Media element. The attack vector is: The victim must paste malicious content to media element's embed tab.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/tinymce/tinymce/issues/4394 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:07:18.162Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/tinymce/tinymce/issues/4394"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "tinymce",
"vendor": "tinymce",
"versions": [
{
"status": "affected",
"version": "4.7.11, 4.7.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "tinymce 4.7.11, 4.7.12 is affected by: CWE-79: Improper Neutralization of Input During Web Page Generation. The impact is: JavaScript code execution. The component is: Media element. The attack vector is: The victim must paste malicious content to media element\u0027s embed tab."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-17T16:35:10",
"orgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"shortName": "dwf"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/tinymce/tinymce/issues/4394"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010091",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "tinymce",
"version": {
"version_data": [
{
"version_value": "4.7.11, 4.7.12"
}
]
}
}
]
},
"vendor_name": "tinymce"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "tinymce 4.7.11, 4.7.12 is affected by: CWE-79: Improper Neutralization of Input During Web Page Generation. The impact is: JavaScript code execution. The component is: Media element. The attack vector is: The victim must paste malicious content to media element\u0027s embed tab."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/tinymce/tinymce/issues/4394",
"refsource": "MISC",
"url": "https://github.com/tinymce/tinymce/issues/4394"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"assignerShortName": "dwf",
"cveId": "CVE-2019-1010091",
"datePublished": "2019-07-17T16:35:10",
"dateReserved": "2019-03-20T00:00:00",
"dateUpdated": "2024-08-05T03:07:18.162Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-21911
Vulnerability from cvelistv5
Published
2024-01-03 15:59
Modified
2024-11-14 18:24
Severity ?
EPSS score ?
Summary
TinyMCE versions before 5.6.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in another user's browser.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/tinymce/tinymce/security/advisories/GHSA-w7jx-j77m-wp65 | vendor-advisory | |
| https://www.npmjs.com/package/tinymce | related | |
| https://www.tiny.cloud/docs/release-notes/release-notes56/#securityfixes | related | |
| https://github.com/advisories/GHSA-w7jx-j77m-wp65 | third-party-advisory | |
| https://vulncheck.com/advisories/vc-advisory-GHSA-w7jx-j77m-wp65 | third-party-advisory |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.709Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-w7jx-j77m-wp65"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://www.npmjs.com/package/tinymce"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://www.tiny.cloud/docs/release-notes/release-notes56/#securityfixes"
},
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-w7jx-j77m-wp65"
},
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://vulncheck.com/advisories/vc-advisory-GHSA-w7jx-j77m-wp65"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21911",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-16T19:26:37.180748Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-14T18:24:41.577Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://nuget.org/packages",
"defaultStatus": "unaffected",
"packageName": "TinyMCE",
"versions": [
{
"lessThan": "5.6.0",
"status": "affected",
"version": "0",
"versionType": "semver 2.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "TinyMCE versions before 5.6.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in another user\u0027s browser."
}
],
"value": "TinyMCE versions before 5.6.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in another user\u0027s browser."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-03T15:59:00.305Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-w7jx-j77m-wp65"
},
{
"tags": [
"related"
],
"url": "https://www.npmjs.com/package/tinymce"
},
{
"tags": [
"related"
],
"url": "https://www.tiny.cloud/docs/release-notes/release-notes56/#securityfixes"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://github.com/advisories/GHSA-w7jx-j77m-wp65"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://vulncheck.com/advisories/vc-advisory-GHSA-w7jx-j77m-wp65"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Cross-site scripting vulnerability in TinyMCE"
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2024-21911",
"datePublished": "2024-01-03T15:59:00.305Z",
"dateReserved": "2024-01-03T14:21:17.583Z",
"dateUpdated": "2024-11-14T18:24:41.577Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-21910
Vulnerability from cvelistv5
Published
2024-01-03 15:55
Modified
2024-08-01 22:35
Severity ?
EPSS score ?
Summary
TinyMCE versions before 5.10.0 are affected by a cross-site scripting vulnerability. A remote and unauthenticated attacker could introduce crafted image or link URLs that would result in the execution of arbitrary JavaScript in an editing user's browser.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/tinymce/tinymce/security/advisories/GHSA-r8hm-w5f7-wj39 | vendor-advisory | |
| https://github.com/jazzband/django-tinymce/issues/366 | issue-tracking | |
| https://github.com/jazzband/django-tinymce/releases/tag/3.4.0 | related | |
| https://pypi.org/project/django-tinymce/3.4.0/ | related | |
| https://github.com/advisories/GHSA-r8hm-w5f7-wj39 | third-party-advisory | |
| https://vulncheck.com/advisories/vc-advisory-GHSA-r8hm-w5f7-wj39 | third-party-advisory |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.686Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-r8hm-w5f7-wj39"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/jazzband/django-tinymce/issues/366"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://github.com/jazzband/django-tinymce/releases/tag/3.4.0"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://pypi.org/project/django-tinymce/3.4.0/"
},
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-r8hm-w5f7-wj39"
},
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://vulncheck.com/advisories/vc-advisory-GHSA-r8hm-w5f7-wj39"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://nuget.org/packages",
"defaultStatus": "unaffected",
"packageName": "TinyMCE",
"versions": [
{
"lessThan": "5.10.0",
"status": "affected",
"version": "0",
"versionType": "semver 2.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eTinyMCE versions before 5.10.0 are affected by a cross-site scripting vulnerability. A remote and unauthenticated attacker could introduce crafted image or link URLs that would result in the execution of arbitrary JavaScript in an editing user\u0027s browser.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "TinyMCE versions before 5.10.0 are affected by a cross-site scripting vulnerability. A remote and unauthenticated attacker could introduce crafted image or link URLs that would result in the execution of arbitrary JavaScript in an editing user\u0027s browser.\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-03T15:55:27.061Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-r8hm-w5f7-wj39"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/jazzband/django-tinymce/issues/366"
},
{
"tags": [
"related"
],
"url": "https://github.com/jazzband/django-tinymce/releases/tag/3.4.0"
},
{
"tags": [
"related"
],
"url": "https://pypi.org/project/django-tinymce/3.4.0/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://github.com/advisories/GHSA-r8hm-w5f7-wj39"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://vulncheck.com/advisories/vc-advisory-GHSA-r8hm-w5f7-wj39"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Cross-site scripting vulnerability in TinyMCE plugins"
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2024-21910",
"datePublished": "2024-01-03T15:55:27.061Z",
"dateReserved": "2024-01-03T14:21:17.583Z",
"dateUpdated": "2024-08-01T22:35:34.686Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-48219
Vulnerability from cvelistv5
Published
2023-11-15 18:59
Modified
2024-08-29 17:42
Severity ?
EPSS score ?
Summary
TinyMCE is an open source rich text editor. A mutation cross-site scripting (mXSS) vulnerability was discovered in TinyMCE’s core undo/redo functionality and other APIs and plugins. Text nodes within specific parents are not escaped upon serialization according to the HTML standard. If such text nodes contain a special character reserved as an internal marker, they can be combined with other HTML patterns to form malicious snippets. These snippets pass the initial sanitisation layer when the content is parsed into the editor body, but can trigger XSS when the special internal marker is removed from the content and re-parsed. his vulnerability has been patched in TinyMCE versions 6.7.3 and 5.10.9. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/tinymce/tinymce/security/advisories/GHSA-v626-r774-j7f8 | x_refsource_CONFIRM | |
| https://tiny.cloud/docs/release-notes/release-notes5109/ | x_refsource_MISC | |
| https://tiny.cloud/docs/tinymce/6/6.7.3-release-notes/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:23:39.267Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/tinymce/tinymce/security/advisories/GHSA-v626-r774-j7f8",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-v626-r774-j7f8"
},
{
"name": "https://tiny.cloud/docs/release-notes/release-notes5109/",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tiny.cloud/docs/release-notes/release-notes5109/"
},
{
"name": "https://tiny.cloud/docs/tinymce/6/6.7.3-release-notes/",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tiny.cloud/docs/tinymce/6/6.7.3-release-notes/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-48219",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T17:41:49.250945Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T17:42:00.819Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "tinymce",
"vendor": "tinymce",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.0.0 \u003c 6.7.3"
},
{
"status": "affected",
"version": "\u003c 5.10.9"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TinyMCE is an open source rich text editor. A mutation cross-site scripting (mXSS) vulnerability was discovered in TinyMCE\u2019s core undo/redo functionality and other APIs and plugins. Text nodes within specific parents are not escaped upon serialization according to the HTML standard. If such text nodes contain a special character reserved as an internal marker, they can be combined with other HTML patterns to form malicious snippets. These snippets pass the initial sanitisation layer when the content is parsed into the editor body, but can trigger XSS when the special internal marker is removed from the content and re-parsed. his vulnerability has been patched in TinyMCE versions 6.7.3 and 5.10.9. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-15T18:59:03.776Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/tinymce/tinymce/security/advisories/GHSA-v626-r774-j7f8",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-v626-r774-j7f8"
},
{
"name": "https://tiny.cloud/docs/release-notes/release-notes5109/",
"tags": [
"x_refsource_MISC"
],
"url": "https://tiny.cloud/docs/release-notes/release-notes5109/"
},
{
"name": "https://tiny.cloud/docs/tinymce/6/6.7.3-release-notes/",
"tags": [
"x_refsource_MISC"
],
"url": "https://tiny.cloud/docs/tinymce/6/6.7.3-release-notes/"
}
],
"source": {
"advisory": "GHSA-v626-r774-j7f8",
"discovery": "UNKNOWN"
},
"title": "Special characters in unescaped text nodes can trigger mXSS in TinyMCE"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-48219",
"datePublished": "2023-11-15T18:59:03.776Z",
"dateReserved": "2023-11-13T13:25:18.479Z",
"dateUpdated": "2024-08-29T17:42:00.819Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-17480
Vulnerability from cvelistv5
Published
2020-08-10 19:34
Modified
2024-08-04 14:00
Severity ?
EPSS score ?
Summary
TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/tinymce/tinymce/security/advisories/GHSA-27gm-ghr9-4v95 | x_refsource_MISC | |
| https://www.tiny.cloud/docs/release-notes/release-notes514/#securityfixes | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:00:47.422Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-27gm-ghr9-4v95"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tiny.cloud/docs/release-notes/release-notes514/#securityfixes"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-10T19:34:35",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-27gm-ghr9-4v95"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tiny.cloud/docs/release-notes/release-notes514/#securityfixes"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-17480",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/tinymce/tinymce/security/advisories/GHSA-27gm-ghr9-4v95",
"refsource": "MISC",
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-27gm-ghr9-4v95"
},
{
"name": "https://www.tiny.cloud/docs/release-notes/release-notes514/#securityfixes",
"refsource": "MISC",
"url": "https://www.tiny.cloud/docs/release-notes/release-notes514/#securityfixes"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-17480",
"datePublished": "2020-08-10T19:34:35",
"dateReserved": "2020-08-10T00:00:00",
"dateUpdated": "2024-08-04T14:00:47.422Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2022-12-08 22:15
Modified
2024-11-21 06:48
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
tinymce is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in the alert and confirm dialogs when these dialogs were provided with malicious HTML content. This can occur in plugins that use the alert or confirm dialogs, such as in the `image` plugin, which presents these dialogs when certain errors occur. The vulnerability allowed arbitrary JavaScript execution when an alert presented in the TinyMCE UI for the current user. This vulnerability has been patched in TinyMCE 5.10.7 and TinyMCE 6.3.1 by ensuring HTML sanitization was still performed after unwrapping invalid elements. Users are advised to upgrade to either 5.10.7 or 6.3.1. Users unable to upgrade may ensure the the `images_upload_handler` returns a valid value as per the images_upload_handler documentation.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tiny:tinymce:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40FAA5E8-663B-4236-981C-69A5F03221EB",
"versionEndExcluding": "5.10.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tiny:tinymce:*:*:*:*:*:*:*:*",
"matchCriteriaId": "246A9A9B-C507-4BFE-B118-EFC4EEFAF4AA",
"versionEndExcluding": "6.3.1",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "tinymce is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in the alert and confirm dialogs when these dialogs were provided with malicious HTML content. This can occur in plugins that use the alert or confirm dialogs, such as in the `image` plugin, which presents these dialogs when certain errors occur. The vulnerability allowed arbitrary JavaScript execution when an alert presented in the TinyMCE UI for the current user. This vulnerability has been patched in TinyMCE 5.10.7 and TinyMCE 6.3.1 by ensuring HTML sanitization was still performed after unwrapping invalid elements. Users are advised to upgrade to either 5.10.7 or 6.3.1. Users unable to upgrade may ensure the the `images_upload_handler` returns a valid value as per the images_upload_handler documentation."
},
{
"lang": "es",
"value": "tinymce es un editor de texto enriquecido de c\u00f3digo abierto. Se descubri\u00f3 una vulnerabilidad de Cross-Site Scripting (XSS) en los cuadros de di\u00e1logo de alerta y confirmaci\u00f3n cuando estos cuadros de di\u00e1logo conten\u00edan contenido HTML malicioso. Esto puede ocurrir en complementos que utilizan cuadros de di\u00e1logo de alerta o confirmaci\u00f3n, como en el complemento \"image\", que presenta estos cuadros de di\u00e1logo cuando ocurren ciertos errores. La vulnerabilidad permit\u00eda la ejecuci\u00f3n arbitraria de JavaScript cuando se presentaba una alerta en la interfaz de usuario de TinyMCE para el usuario actual. Esta vulnerabilidad se parch\u00f3 en TinyMCE 5.10.7 y TinyMCE 6.3.1 asegurando que a\u00fan se realizara la sanitizaci\u00f3n de HTML despu\u00e9s de desempaquetar elementos no v\u00e1lidos. Se recomienda a los usuarios que actualicen a 5.10.7 o 6.3.1. Los usuarios que no puedan actualizar pueden asegurarse de que `images_upload_handler` devuelva un valor v\u00e1lido seg\u00fan la documentaci\u00f3n de images_upload_handler."
}
],
"id": "CVE-2022-23494",
"lastModified": "2024-11-21T06:48:40.730",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-12-08T22:15:10.150",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/tinymce/tinymce/commit/6923d85eba6de3e08ebc9c5a387b5abdaa21150e"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/tinymce/tinymce/commit/8bb2d2646d4e1a718fce61a775fa22e9d317b32d"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-gg8r-xjwq-4w92"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.tiny.cloud/docs/release-notes/release-notes5107/#securityfixes"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.tiny.cloud/docs/tinymce/6/6.3-release-notes/#security-fixes"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.tiny.cloud/docs/tinymce/6/file-image-upload/#images_upload_handler"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/tinymce/tinymce/commit/6923d85eba6de3e08ebc9c5a387b5abdaa21150e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/tinymce/tinymce/commit/8bb2d2646d4e1a718fce61a775fa22e9d317b32d"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-gg8r-xjwq-4w92"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.tiny.cloud/docs/release-notes/release-notes5107/#securityfixes"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.tiny.cloud/docs/tinymce/6/6.3-release-notes/#security-fixes"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.tiny.cloud/docs/tinymce/6/file-image-upload/#images_upload_handler"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-03 16:15
Modified
2024-11-21 08:55
Severity ?
Summary
TinyMCE versions before 5.10.0 are affected by a cross-site scripting vulnerability. A remote and unauthenticated attacker could introduce crafted image or link URLs that would result in the execution of arbitrary JavaScript in an editing user's browser.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tiny:tinymce:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CDEC000-8A31-496B-9137-F71208146F9D",
"versionEndExcluding": "5.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TinyMCE versions before 5.10.0 are affected by a cross-site scripting vulnerability. A remote and unauthenticated attacker could introduce crafted image or link URLs that would result in the execution of arbitrary JavaScript in an editing user\u0027s browser.\n"
},
{
"lang": "es",
"value": "Las versiones de TinyMCE anteriores a la 5.10.0 se ven afectadas por una vulnerabilidad de cross site scripting. Un atacante remoto y no autenticado podr\u00eda introducir im\u00e1genes manipuladas o URL de enlaces que dar\u00edan como resultado la ejecuci\u00f3n de JavaScript arbitrario en el navegador de un usuario que est\u00e9 editando."
}
],
"id": "CVE-2024-21910",
"lastModified": "2024-11-21T08:55:15.320",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-03T16:15:09.090",
"references": [
{
"source": "disclosure@vulncheck.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/advisories/GHSA-r8hm-w5f7-wj39"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/jazzband/django-tinymce/issues/366"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/jazzband/django-tinymce/releases/tag/3.4.0"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-r8hm-w5f7-wj39"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Release Notes"
],
"url": "https://pypi.org/project/django-tinymce/3.4.0/"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Third Party Advisory"
],
"url": "https://vulncheck.com/advisories/vc-advisory-GHSA-r8hm-w5f7-wj39"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/advisories/GHSA-r8hm-w5f7-wj39"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/jazzband/django-tinymce/issues/366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://github.com/jazzband/django-tinymce/releases/tag/3.4.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-r8hm-w5f7-wj39"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://pypi.org/project/django-tinymce/3.4.0/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://vulncheck.com/advisories/vc-advisory-GHSA-r8hm-w5f7-wj39"
}
],
"sourceIdentifier": "disclosure@vulncheck.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "disclosure@vulncheck.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-07-17 17:15
Modified
2024-11-21 04:17
Severity ?
Summary
tinymce 4.7.11, 4.7.12 is affected by: CWE-79: Improper Neutralization of Input During Web Page Generation. The impact is: JavaScript code execution. The component is: Media element. The attack vector is: The victim must paste malicious content to media element's embed tab.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| josh@bress.net | https://github.com/tinymce/tinymce/issues/4394 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/tinymce/tinymce/issues/4394 | Exploit, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tiny:tinymce:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B392D9-F383-487C-B322-40C5AD168F5F",
"versionEndExcluding": "4.9.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tiny:tinymce:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D97BCC9C-A729-4722-9265-F8FB67BBAE95",
"versionEndExcluding": "5.2.2",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "tinymce 4.7.11, 4.7.12 is affected by: CWE-79: Improper Neutralization of Input During Web Page Generation. The impact is: JavaScript code execution. The component is: Media element. The attack vector is: The victim must paste malicious content to media element\u0027s embed tab."
},
{
"lang": "es",
"value": "tinymce versiones 4.7.11, 4.7.12, est\u00e1 afectada por: CWE-79: Neutralizaci\u00f3n Inapropiada de la Entrada Durante la Generaci\u00f3n de P\u00e1ginas Web. El impacto es: ejecuci\u00f3n de c\u00f3digo JavaScript. El componente es: Elemento Multimedia. El vector de ataque es: La v\u00edctima debe pegar contenido malicioso en la pesta\u00f1a de inserci\u00f3n del elemento multimedia."
}
],
"id": "CVE-2019-1010091",
"lastModified": "2024-11-21T04:17:57.863",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-07-17T17:15:13.200",
"references": [
{
"source": "josh@bress.net",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/tinymce/tinymce/issues/4394"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/tinymce/tinymce/issues/4394"
}
],
"sourceIdentifier": "josh@bress.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "josh@bress.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-08-14 14:15
Modified
2024-11-21 04:59
Severity ?
Summary
A cross-site scripting (XSS) vulnerability in TinyMCE 5.2.1 and earlier allows remote attackers to inject arbitrary web script when configured in classic editing mode.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://labs.bishopfox.com/advisories/tinymce-version-5.2.1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://labs.bishopfox.com/advisories/tinymce-version-5.2.1 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tiny:tinymce:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1449547-DD1C-4716-B8DC-33BD13B50C27",
"versionEndExcluding": "4.9.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tiny:tinymce:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4BCF30E-C951-4BA5-9BB8-9D0D2ADF1123",
"versionEndExcluding": "5.4.1",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in TinyMCE 5.2.1 and earlier allows remote attackers to inject arbitrary web script when configured in classic editing mode."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo cross-site scripting (XSS) en TinyMCE versiones 5.2.1 y anteriores, permite a atacantes remotos inyectar script web arbitrario cuando se configuraba en el modo de edici\u00f3n cl\u00e1sica."
}
],
"id": "CVE-2020-12648",
"lastModified": "2024-11-21T04:59:59.067",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-14T14:15:12.410",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://labs.bishopfox.com/advisories/tinymce-version-5.2.1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://labs.bishopfox.com/advisories/tinymce-version-5.2.1"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-03 16:15
Modified
2024-11-21 08:55
Severity ?
Summary
TinyMCE versions before 5.9.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in another user's browser.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| disclosure@vulncheck.com | https://github.com/advisories/GHSA-5h9g-x5rv-25wg | Exploit, Third Party Advisory | |
| disclosure@vulncheck.com | https://github.com/tinymce/tinymce/security/advisories/GHSA-5h9g-x5rv-25wg | Exploit, Third Party Advisory | |
| disclosure@vulncheck.com | https://vulncheck.com/advisories/vc-advisory-GHSA-5h9g-x5rv-25wg | Third Party Advisory | |
| disclosure@vulncheck.com | https://www.tiny.cloud/docs/release-notes/release-notes59/#securityfixes | Release Notes | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/advisories/GHSA-5h9g-x5rv-25wg | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/tinymce/tinymce/security/advisories/GHSA-5h9g-x5rv-25wg | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://vulncheck.com/advisories/vc-advisory-GHSA-5h9g-x5rv-25wg | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tiny.cloud/docs/release-notes/release-notes59/#securityfixes | Release Notes |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tiny:tinymce:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABCA10B9-8E44-481C-A931-D81D95400CDF",
"versionEndExcluding": "5.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nTinyMCE versions before 5.9.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in another user\u0027s browser.\n\n\n\n"
},
{
"lang": "es",
"value": "Las versiones de TinyMCE anteriores a la 5.9.0 se ven afectadas por una vulnerabilidad de cross site scripting almacenado. Un atacante remoto y no autenticado podr\u00eda insertar HTML manipulado en el editor, lo que provocar\u00eda la ejecuci\u00f3n arbitraria de JavaScript en el navegador de otro usuario."
}
],
"id": "CVE-2024-21908",
"lastModified": "2024-11-21T08:55:14.973",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-03T16:15:08.913",
"references": [
{
"source": "disclosure@vulncheck.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/advisories/GHSA-5h9g-x5rv-25wg"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-5h9g-x5rv-25wg"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Third Party Advisory"
],
"url": "https://vulncheck.com/advisories/vc-advisory-GHSA-5h9g-x5rv-25wg"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Release Notes"
],
"url": "https://www.tiny.cloud/docs/release-notes/release-notes59/#securityfixes"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/advisories/GHSA-5h9g-x5rv-25wg"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-5h9g-x5rv-25wg"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://vulncheck.com/advisories/vc-advisory-GHSA-5h9g-x5rv-25wg"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.tiny.cloud/docs/release-notes/release-notes59/#securityfixes"
}
],
"sourceIdentifier": "disclosure@vulncheck.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "disclosure@vulncheck.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-19 22:15
Modified
2024-11-21 08:27
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s Notification Manager API. The vulnerability exploits TinyMCE's unfiltered notification system, which is used in error handling. The conditions for this exploit requires carefully crafted malicious content to have been inserted into the editor and a notification to have been triggered. When a notification was opened, the HTML within the text argument was displayed unfiltered in the notification. The vulnerability allowed arbitrary JavaScript execution when an notification presented in the TinyMCE UI for the current user. This issue could also be exploited by any integration which uses a TinyMCE notification to display unfiltered HTML content. This vulnerability has been patched in TinyMCE 5.10.8 and TinyMCE 6.7.1 by ensuring that the HTML displayed in the notification is sanitized, preventing the exploit. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tiny:tinymce:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9D412ED-B744-4750-B6D4-3D55C8DCD8D0",
"versionEndExcluding": "5.10.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tiny:tinymce:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0328BE76-BE2B-48C0-B4D1-B6B04C9AB29C",
"versionEndExcluding": "6.7.1",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE\u2019s Notification Manager API. The vulnerability exploits TinyMCE\u0027s unfiltered notification system, which is used in error handling. The conditions for this exploit requires carefully crafted malicious content to have been inserted into the editor and a notification to have been triggered. When a notification was opened, the HTML within the text argument was displayed unfiltered in the notification. The vulnerability allowed arbitrary JavaScript execution when an notification presented in the TinyMCE UI for the current user. This issue could also be exploited by any integration which uses a TinyMCE notification to display unfiltered HTML content. This vulnerability has been patched in TinyMCE 5.10.8 and TinyMCE 6.7.1 by ensuring that the HTML displayed in the notification is sanitized, preventing the exploit. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n"
},
{
"lang": "es",
"value": "TinyMCE es un editor de texto enriquecido de c\u00f3digo abierto. Se descubri\u00f3 una vulnerabilidad de Cross-Site Scripting (XSS) en la API del Administrador de notificaciones de TinyMCE. La vulnerabilidad explota el sistema de notificaci\u00f3n sin filtrar de TinyMCE, que se utiliza en el manejo de errores. Las condiciones para este exploit requieren que se haya insertado contenido malicioso cuidadosamente manipulado en el editor y que se haya activado una notificaci\u00f3n. Cuando se abri\u00f3 una notificaci\u00f3n, el HTML dentro del argumento de texto se mostr\u00f3 sin filtrar en la notificaci\u00f3n. La vulnerabilidad permit\u00eda la ejecuci\u00f3n arbitraria de JavaScript cuando se presentaba una notificaci\u00f3n en la interfaz de usuario de TinyMCE para el usuario actual. Este problema tambi\u00e9n podr\u00eda ser aprovechado por cualquier integraci\u00f3n que utilice una notificaci\u00f3n TinyMCE para mostrar contenido HTML sin filtrar. Esta vulnerabilidad se ha solucionado en TinyMCE 5.10.8 y TinyMCE 6.7.1 garantizando que el HTML que se muestra en la notificaci\u00f3n est\u00e9 sanitizado, lo que evita el exploit. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad."
}
],
"id": "CVE-2023-45819",
"lastModified": "2024-11-21T08:27:25.233",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-19T22:15:11.150",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-hgqx-r2hp-jr38"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-hgqx-r2hp-jr38"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-19 22:15
Modified
2024-11-21 08:27
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
TinyMCE is an open source rich text editor. A mutation cross-site scripting (mXSS) vulnerability was discovered in TinyMCE’s core undo and redo functionality. When a carefully-crafted HTML snippet passes the XSS sanitisation layer, it is manipulated as a string by internal trimming functions before being stored in the undo stack. If the HTML snippet is restored from the undo stack, the combination of the string manipulation and reparative parsing by either the browser's native [DOMParser API](https://developer.mozilla.org/en-US/docs/Web/API/DOMParser) (TinyMCE 6) or the SaxParser API (TinyMCE 5) mutates the HTML maliciously, allowing an XSS payload to be executed. This vulnerability has been patched in TinyMCE 5.10.8 and TinyMCE 6.7.1 by ensuring HTML is trimmed using node-level manipulation instead of string manipulation. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tiny:tinymce:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9D412ED-B744-4750-B6D4-3D55C8DCD8D0",
"versionEndExcluding": "5.10.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tiny:tinymce:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0328BE76-BE2B-48C0-B4D1-B6B04C9AB29C",
"versionEndExcluding": "6.7.1",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TinyMCE is an open source rich text editor. A mutation cross-site scripting (mXSS) vulnerability was discovered in TinyMCE\u2019s core undo and redo functionality. When a carefully-crafted HTML snippet passes the XSS sanitisation layer, it is manipulated as a string by internal trimming functions before being stored in the undo stack. If the HTML snippet is restored from the undo stack, the combination of the string manipulation and reparative parsing by either the browser\u0027s native [DOMParser API](https://developer.mozilla.org/en-US/docs/Web/API/DOMParser) (TinyMCE 6) or the SaxParser API (TinyMCE 5) mutates the HTML maliciously, allowing an XSS payload to be executed. This vulnerability has been patched in TinyMCE 5.10.8 and TinyMCE 6.7.1 by ensuring HTML is trimmed using node-level manipulation instead of string manipulation. Users are advised to upgrade. There are no known workarounds for this vulnerability."
},
{
"lang": "es",
"value": "TinyMCE es un editor de texto enriquecido de c\u00f3digo abierto. Se descubri\u00f3 una vulnerabilidad de Cross-Site Scripting (XSS) en la funcionalidad principal de deshacer y rehacer de TinyMCE. Cuando un fragmento de HTML cuidadosamente manipulado pasa la capa de sanitizaci\u00f3n XSS, las funciones de recorte internas lo manipulan como una cadena antes de almacenarlo en la pila de deshacer. Si el fragmento HTML se restaura desde la pila de deshacer, la combinaci\u00f3n de manipulaci\u00f3n de cadenas y an\u00e1lisis reparativo mediante la [API DOMParser] nativa del navegador (https://developer.mozilla.org/en-US/docs/Web/API/ DOMParser) (TinyMCE 6) o la API SaxParser (TinyMCE 5) muta el HTML de forma maliciosa, permitiendo que se ejecute un payload XSS. Esta vulnerabilidad se ha solucionado en TinyMCE 5.10.8 y TinyMCE 6.7.1 garantizando que HTML se recorte mediante manipulaci\u00f3n a nivel de nodo en lugar de manipulaci\u00f3n de cadenas. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad."
}
],
"id": "CVE-2023-45818",
"lastModified": "2024-11-21T08:27:25.077",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-19T22:15:10.817",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-v65r-p3vv-jjfv"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://researchgate.net/publication/266654651_mXSS_attacks_Attacking_well-secured_web-applications_by_using_innerHTML_mutations"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://tiny.cloud/docs/release-notes/release-notes5108/#securityfixes"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://tiny.cloud/docs/tinymce/6/6.7.1-release-notes/#security-fixes"
},
{
"source": "security-advisories@github.com",
"tags": [
"Product"
],
"url": "https://www.tiny.cloud/docs/api/tinymce.html/tinymce.html.saxparser/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-v65r-p3vv-jjfv"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://researchgate.net/publication/266654651_mXSS_attacks_Attacking_well-secured_web-applications_by_using_innerHTML_mutations"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://tiny.cloud/docs/release-notes/release-notes5108/#securityfixes"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://tiny.cloud/docs/tinymce/6/6.7.1-release-notes/#security-fixes"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://www.tiny.cloud/docs/api/tinymce.html/tinymce.html.saxparser/"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-11-15 19:15
Modified
2024-11-21 08:31
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
TinyMCE is an open source rich text editor. A mutation cross-site scripting (mXSS) vulnerability was discovered in TinyMCE’s core undo/redo functionality and other APIs and plugins. Text nodes within specific parents are not escaped upon serialization according to the HTML standard. If such text nodes contain a special character reserved as an internal marker, they can be combined with other HTML patterns to form malicious snippets. These snippets pass the initial sanitisation layer when the content is parsed into the editor body, but can trigger XSS when the special internal marker is removed from the content and re-parsed. his vulnerability has been patched in TinyMCE versions 6.7.3 and 5.10.9. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tiny:tinymce:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A7E72-6013-4A19-A5D7-D08FD31DDF27",
"versionEndExcluding": "5.10.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tiny:tinymce:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF79931-B0A1-4438-9638-1F4F7503A72A",
"versionEndExcluding": "6.7.3",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TinyMCE is an open source rich text editor. A mutation cross-site scripting (mXSS) vulnerability was discovered in TinyMCE\u2019s core undo/redo functionality and other APIs and plugins. Text nodes within specific parents are not escaped upon serialization according to the HTML standard. If such text nodes contain a special character reserved as an internal marker, they can be combined with other HTML patterns to form malicious snippets. These snippets pass the initial sanitisation layer when the content is parsed into the editor body, but can trigger XSS when the special internal marker is removed from the content and re-parsed. his vulnerability has been patched in TinyMCE versions 6.7.3 and 5.10.9. Users are advised to upgrade. There are no known workarounds for this vulnerability."
},
{
"lang": "es",
"value": "TinyMCE es un editor de texto enriquecido de c\u00f3digo abierto. Se descubri\u00f3 una vulnerabilidad de Cross-Site Scripting (mXSS) de Mutaci\u00f3n en la funcionalidad principal de deshacer/rehacer de TinyMCE y en otras API y complementos. Los nodos de texto dentro de padres espec\u00edficos no tienen escape durante la serializaci\u00f3n de acuerdo con el est\u00e1ndar HTML. Si dichos nodos de texto contienen un car\u00e1cter especial reservado como marcador interno, se pueden combinar con otros patrones HTML para formar fragmentos maliciosos. Estos fragmentos pasan la capa de sanitizaci\u00f3n inicial cuando el contenido se analiza en el cuerpo del editor, pero pueden activar XSS cuando el marcador interno especial se elimina del contenido y se vuelve a analizar. Su vulnerabilidad ha sido parcheada en las versiones 6.7.3 y 5.10.9 de TinyMCE. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad."
}
],
"id": "CVE-2023-48219",
"lastModified": "2024-11-21T08:31:14.003",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-15T19:15:07.857",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-v626-r774-j7f8"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://tiny.cloud/docs/release-notes/release-notes5109/"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://tiny.cloud/docs/tinymce/6/6.7.3-release-notes/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-v626-r774-j7f8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://tiny.cloud/docs/release-notes/release-notes5109/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://tiny.cloud/docs/tinymce/6/6.7.3-release-notes/"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-03 16:15
Modified
2024-11-21 08:55
Severity ?
Summary
TinyMCE versions before 5.6.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in another user's browser.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tiny:tinymce:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F64C0DD4-B960-418F-A2B0-07A5BFAD3DA3",
"versionEndExcluding": "5.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TinyMCE versions before 5.6.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in another user\u0027s browser."
},
{
"lang": "es",
"value": "Las versiones de TinyMCE anteriores a la 5.6.0 se ven afectadas por una vulnerabilidad de cross site scripting almacenado. Un atacante remoto y no autenticado podr\u00eda insertar HTML manipulado en el editor, lo que provocar\u00eda la ejecuci\u00f3n arbitraria de JavaScript en el navegador de otro usuario."
}
],
"id": "CVE-2024-21911",
"lastModified": "2024-11-21T08:55:15.477",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-03T16:15:09.170",
"references": [
{
"source": "disclosure@vulncheck.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/advisories/GHSA-w7jx-j77m-wp65"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-w7jx-j77m-wp65"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Third Party Advisory"
],
"url": "https://vulncheck.com/advisories/vc-advisory-GHSA-w7jx-j77m-wp65"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Release Notes"
],
"url": "https://www.npmjs.com/package/tinymce"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Release Notes"
],
"url": "https://www.tiny.cloud/docs/release-notes/release-notes56/#securityfixes"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/advisories/GHSA-w7jx-j77m-wp65"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-w7jx-j77m-wp65"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://vulncheck.com/advisories/vc-advisory-GHSA-w7jx-j77m-wp65"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.npmjs.com/package/tinymce"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.tiny.cloud/docs/release-notes/release-notes56/#securityfixes"
}
],
"sourceIdentifier": "disclosure@vulncheck.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "disclosure@vulncheck.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-08-10 20:15
Modified
2024-11-21 05:08
Severity ?
Summary
TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/tinymce/tinymce/security/advisories/GHSA-27gm-ghr9-4v95 | Exploit, Release Notes, Third Party Advisory | |
| cve@mitre.org | https://www.tiny.cloud/docs/release-notes/release-notes514/#securityfixes | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/tinymce/tinymce/security/advisories/GHSA-27gm-ghr9-4v95 | Exploit, Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tiny.cloud/docs/release-notes/release-notes514/#securityfixes | Release Notes, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tiny:tinymce:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E070489E-A8EB-4B78-980C-F68DEFBA794C",
"versionEndExcluding": "4.9.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tiny:tinymce:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D405D559-63D7-4550-AEA9-07A3A04F1306",
"versionEndExcluding": "5.1.4",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor."
},
{
"lang": "es",
"value": "TinyMCE versiones anteriores a 4.9.7 y versiones 5.x anteriores a 5.1.4, permite un ataque de tipo XSS en el analizador central, el plugin paste y el plugin visualchars mediante el uso del portapapeles o las API para insertar contenido en el editor"
}
],
"id": "CVE-2020-17480",
"lastModified": "2024-11-21T05:08:12.057",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-10T20:15:11.737",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-27gm-ghr9-4v95"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.tiny.cloud/docs/release-notes/release-notes514/#securityfixes"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-27gm-ghr9-4v95"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.tiny.cloud/docs/release-notes/release-notes514/#securityfixes"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}