CVE-2024-21910
Published
CVSS v3
6.1
MEDIUM
CVSS v2
N/A
Affected
3
PROJECTS
Description
TinyMCE versions before 5.10.0 are affected by a cross-site scripting vulnerability. A remote and unauthenticated attacker could introduce crafted image or link URLs that would result in the execution of arbitrary JavaScript in an editing user's browser.
The world's #1 JavaScript library for rich text editing. Available for React, Vue and Angular
GitHub