Skip to content

[GHSA-q742-qvgc-gc2f] TinyMCE Cross-Site Scripting (XSS) vulnerability using through data-mce- prefixed src, href, style attributes#8483

Closed
sbrinkhorst wants to merge 1 commit into
sbrinkhorst/advisory-improvement-8483from
sbrinkhorst-GHSA-q742-qvgc-gc2f
Closed

[GHSA-q742-qvgc-gc2f] TinyMCE Cross-Site Scripting (XSS) vulnerability using through data-mce- prefixed src, href, style attributes#8483
sbrinkhorst wants to merge 1 commit into
sbrinkhorst/advisory-improvement-8483from
sbrinkhorst-GHSA-q742-qvgc-gc2f

Conversation

@sbrinkhorst

Copy link
Copy Markdown

Updates

  • Affected products

Comments
If no patched version is listed, the resulting range will be> 0. This marks all versions of the library as vulnerable in various automated tooling.

@github

github commented Jul 3, 2026

Copy link
Copy Markdown
Collaborator

Hi there @MitchC1999! A community member has suggested an improvement to your security advisory. If approved, this change will affect the global advisory listed at github.com/advisories. It will not affect the version listed in your project repository.

This change will be reviewed by our Security Curation Team. If you have thoughts or feedback, please share them in a comment here! If this PR has already been closed, you can start a new community contribution for this advisory

@github-actions github-actions Bot changed the base branch from main to sbrinkhorst/advisory-improvement-8483 July 3, 2026 08:56
@advisory-database advisory-database Bot closed this Jul 6, 2026
@github-actions github-actions Bot deleted the sbrinkhorst-GHSA-q742-qvgc-gc2f branch July 6, 2026 16:34
@taladrane

Copy link
Copy Markdown
Collaborator

👋 version 5.11.1 isn't available to open source, it's only available for commercial licenses and is not published on the respective registry

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants