Vulnerabilities > Tiny > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-03 | CVE-2024-21908 | Cross-site Scripting vulnerability in Tiny Tinymce TinyMCE versions before 5.9.0 are affected by a stored cross-site scripting vulnerability. | 6.1 |
| 2024-01-03 | CVE-2024-21910 | Cross-site Scripting vulnerability in Tiny Tinymce TinyMCE versions before 5.10.0 are affected by a cross-site scripting vulnerability. | 6.1 |
| 2024-01-03 | CVE-2024-21911 | Cross-site Scripting vulnerability in Tiny Tinymce TinyMCE versions before 5.6.0 are affected by a stored cross-site scripting vulnerability. | 6.1 |
| 2023-11-15 | CVE-2023-48219 | Cross-site Scripting vulnerability in Tiny Tinymce TinyMCE is an open source rich text editor. | 6.1 |
| 2023-10-19 | CVE-2023-45818 | Cross-site Scripting vulnerability in Tiny Tinymce TinyMCE is an open source rich text editor. | 6.1 |
| 2023-10-19 | CVE-2023-45819 | Cross-site Scripting vulnerability in Tiny Tinymce TinyMCE is an open source rich text editor. | 6.1 |
| 2022-12-08 | CVE-2022-23494 | Cross-site Scripting vulnerability in Tiny Tinymce tinymce is an open source rich text editor. | 6.1 |
| 2021-12-03 | CVE-2021-23562 | Unrestricted Upload of File with Dangerous Type vulnerability in Tiny Plupload This affects the package plupload before 2.3.9. | 6.8 |
| 2020-08-14 | CVE-2020-12648 | Cross-site Scripting vulnerability in Tiny Tinymce A cross-site scripting (XSS) vulnerability in TinyMCE 5.2.1 and earlier allows remote attackers to inject arbitrary web script when configured in classic editing mode. | 4.3 |
| 2020-08-10 | CVE-2020-17480 | Cross-site Scripting vulnerability in Tiny Tinymce TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor. | 4.3 |