tinymce 4.7.11, 4.7.12 is affected by: CWE-79: Improper Neutralization of Input During Web Page Generation. The impact is: JavaScript code execution. The component is: Media element. The attack vector is: The victim must paste malicious content to media element's embed tab.
References
Link | Resource |
---|---|
https://github.com/tinymce/tinymce/issues/4394 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: dwf
Published: 2019-07-17T16:35:10
Updated: 2019-07-17T16:35:10
Reserved: 2019-03-20T00:00:00
Link: CVE-2019-1010091
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-07-17T17:15:13.200
Modified: 2020-08-11T15:45:14.117
Link: CVE-2019-1010091
JSON object: View
Redhat Information
No data.
CWE