CVE-2024-29203

CVSS V2 None CVSS V3 None
Description
TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content insertion code. This allowed `iframe` elements containing malicious code to execute when inserted into the editor. These `iframe` elements are restricted in their permissions by same-origin browser protections, but could still trigger operations such as downloading of malicious assets. This vulnerability is fixed in 6.8.1.
Overview
  • CVE ID
  • CVE-2024-29203
  • Assigner
  • GitHub_M
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-03-26T13:23:53.673Z
  • Last Modified Date
  • 2024-03-26T13:23:53.673Z
History
Created Old Value New Value Data Type Notes
2024-06-26 02:21:58 Added to TrackCVE