Search for packages
| purl | pkg:pypi/django-tinymce@2.0.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-4v71-gmu2-akgq
Aliases: CVE-2024-38356 GHSA-9hcv-j9pv-qmph |
Duplicate This advisory duplicates another. |
Affected by 0 other vulnerabilities. |
|
VCID-nqmt-kv4x-juhy
Aliases: CVE-2024-38357 GHSA-w9jx-4g6g-rp7x |
TinyMCE Cross-Site Scripting (XSS) vulnerability using noscript elements A [cross-site scripting (XSS)](https://owasp.org/www-community/attacks/xss/) vulnerability was discovered in TinyMCE’s content parsing code. This allowed specially crafted noscript elements containing malicious code to be executed when that content was loaded into the editor. |
Affected by 0 other vulnerabilities. |
|
VCID-vyvk-n5gm-1uc8
Aliases: CVE-2024-21910 GHSA-r8hm-w5f7-wj39 GMS-2021-133 GMS-2021-164 GMS-2021-192 GMS-2021-8 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in TinyMCE. |
Affected by 2 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-06T05:08:57.324453+00:00 | GitLab Importer | Affected by | VCID-nqmt-kv4x-juhy | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/django-tinymce/CVE-2024-38357.yml | 38.6.0 |
| 2026-06-06T05:08:55.876440+00:00 | GitLab Importer | Affected by | VCID-4v71-gmu2-akgq | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/django-tinymce/CVE-2024-38356.yml | 38.6.0 |
| 2026-06-06T01:04:37.689925+00:00 | GitLab Importer | Affected by | VCID-vyvk-n5gm-1uc8 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/django-tinymce/GMS-2021-8.yml | 38.6.0 |