Description
TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor.
Remediation
References
Related Vulnerabilities
WordPress Plugin Theme Blvd Shortcodes Multiple Security Bypass Vulnerabilities (1.5.2)
Apache Tomcat Other Vulnerability (CVE-2000-0760)
SharePoint CVE-2023-38177 Vulnerability (CVE-2023-38177)
WordPress Plugin PowerPack for Beaver Builder Privilege Escalation (2.33.0)
Oracle Database Server CVE-2012-3151 Vulnerability (CVE-2012-3151)