Vulnerability — CVE-2024-21908

CVE-2024-21908

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2024-21908
Description:: TinyMCE versions before 5.9.0 are affected by a stored cross-site scripting vulnerability. An unauthenticated and remote attacker could insert crafted HTML into the editor resulting in arbitrary JavaScript execution in another user's browser.
Last updated date:: 01/08/2024

Type:: exploit
Confidence:: HIGH
Date of publishing:: 01/08/2024
Reference url to background: https://github.com/advisories/GHSA-5h9g-x5rv-25wg

Type:: exploit
Confidence:: HIGH
Date of publishing:: 01/08/2024
Reference url to background: https://github.com/tinymce/tinymce/security/advisories/GHSA-5h9g-x5rv-25wg