Description
TinyMCE versions before 5.10.0 are affected by a cross-site scripting vulnerability. A remote and unauthenticated attacker could introduce crafted image or link URLs that would result in the execution of arbitrary JavaScript in an editing user's browser.
Remediation
References
Related Vulnerabilities
WordPress Plugin Ajax Plugin Helper Cross-Site Scripting (1.0.5)
WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler SQL Injection (5.5.0)
IBM WebSEAL Weak Password Requirements Vulnerability (CVE-2024-35137)
Oracle JRE CVE-2012-5087 Vulnerability (CVE-2012-5087)
WordPress Plugin CopySafe PDF Protection Unspecified Vulnerability (1.10)