Search for packages
| purl | pkg:npm/tinymce@4.9.11 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-9brg-dm6s-2ba7
Aliases: CVE-2024-21911 GHSA-w7jx-j77m-wp65 GMS-2021-193 GMS-2021-508 GMS-2021-616 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in tinymce. |
Affected by 0 other vulnerabilities. |
|
VCID-r9zu-cdb9-8ubc
Aliases: GHSA-h96f-fc7c-9r55 GMS-2021-191 |
Regex denial of service vulnerability in codesample plugin A regex denial of service (ReDoS) vulnerability was discovered in a dependency of the `codesample` plugin. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-cz6w-pdan-rfa4 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in tinymce. |
GHSA-vrv8-v4w8-f95h
GMS-2020-789 |
| VCID-qngh-qsty-nkhh | Cross-site Scripting A cross-site scripting (XSS) vulnerability in TinyMCE allows remote attackers to inject arbitrary web script when configured in classic editing mode. |
CVE-2020-12648
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-04T20:43:03.445280+00:00 | GitLab Importer | Affected by | VCID-r9zu-cdb9-8ubc | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/tinymce/GMS-2021-191.yml | 38.6.0 |
| 2026-06-04T20:43:02.574389+00:00 | GitLab Importer | Affected by | VCID-9brg-dm6s-2ba7 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/tinymce/GMS-2021-193.yml | 38.6.0 |
| 2026-06-04T16:20:10.239698+00:00 | GitLab Importer | Fixing | VCID-qngh-qsty-nkhh | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/tinymce/CVE-2020-12648.yml | 38.6.0 |
| 2026-06-04T16:20:09.951588+00:00 | GitLab Importer | Fixing | VCID-cz6w-pdan-rfa4 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/tinymce/GMS-2020-789.yml | 38.6.0 |