CVE-2020-17480
Description
TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor.
Risk Information
Base Score
6.1
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
0.462
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2020-17480 are fixed in Nuget - TinyMCE 4.9.7 | Windows |
| Vulnerabilities CVE-2020-17480 are fixed in Nuget - TinyMCE 5.1.4 | Windows |
| Vulnerabilities CVE-2020-17480 are fixed in Nuget - TinyMCE for Linux 4.9.7 | Linux |
| Vulnerabilities CVE-2020-17480 are fixed in Nuget - TinyMCE for Linux 5.1.4 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234