Vulnerabilities > Tiny > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-08-10 | CVE-2020-17480 | Cross-site Scripting vulnerability in Tiny Tinymce TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor. | 4.3 |
2019-07-17 | CVE-2019-1010091 | Cross-site Scripting vulnerability in Tiny Tinymce tinymce 4.7.11, 4.7.12 is affected by: CWE-79: Improper Neutralization of Input During Web Page Generation. | 4.3 |