logo

Database

Reflected cross-site scripting (XSS) In tinymce

Description

Cross-site Scripting

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2020-126482. NVD-2020-126483. OSV-2020-126484. GHSA-vrv8-v4w8-f95h5. GCVE-2020-12648

References

1. https://github.com/tinymce/tinymce/security/advisories/GHSA-vrv8-v4w8-f95h2. https://github.com/tinymce/tinymce/pull/58433. https://github.com/tinymce/tinymce/commit/2b71c922214d388838d930806207a66c14e80f634. https://github.com/tinymce/tinymce/commit/696e43658dc9750ec24fdc4650bd2be9653daf5b5. https://www.tiny.cloud/docs/release-notes/release-notes54/#securityfixes

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.