CVE-2024-21911
Published
CVSS v3
6.1
MEDIUM
CVSS v2
N/A
Affected
2
PROJECTS
Description
TinyMCE versions before 5.6.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in another user's browser.
NPM
The world's #1 JavaScript library for rich text editing. Available for React, Vue and Angular
GitHub