Vulnerabilities > Tiny
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-10 | CVE-2020-17480 | Cross-site Scripting vulnerability in Tiny Tinymce TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor. | 6.1 |
| 2020-02-12 | CVE-2011-4908 | Unrestricted Upload of File with Dangerous Type vulnerability in Tiny Tinybrowser TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary file upload via upload.php. | 9.8 |
| 2020-02-12 | CVE-2011-4906 | Unrestricted Upload of File with Dangerous Type vulnerability in Tiny Tinybrowser Tiny browser in TinyMCE 3.0 editor in Joomla! before 1.5.13 allows file upload and arbitrary PHP code execution. | 9.8 |
| 2019-07-17 | CVE-2019-1010091 | Cross-site Scripting vulnerability in Tiny Tinymce tinymce 4.7.11, 4.7.12 is affected by: CWE-79: Improper Neutralization of Input During Web Page Generation. | 6.1 |
| 2019-03-25 | CVE-2019-10012 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products Jenzabar JICS (aka Internet Campus Solution) before 9 allows remote attackers to upload and execute arbitrary .aspx code by placing it in a ZIP archive and using the MoxieManager (for .NET) plugin before 2.1.4 in the moxiemanager directory within the installation folder ICS\ICS.NET\ICSFileServer. | 7.5 |