CVE-2020-17480
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2020-17480
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-17480.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-17480
- Aliases
- Related
- Published
- 2020-08-10T20:15:11Z
- Modified
- 2025-01-14T08:35:59.869125Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor.
- References
Affected packages
Git / github.com/tinymce/tinymce
Affected ranges
- Type
- GIT
- Repo
- https://github.com/tinymce/tinymce
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
2.*
2.0.7
2.0.9
2.1.1
2.1.2
3.*
3.0
3.0.1
3.0.2
3.0.2.1
3.0.3
3.0.4
3.0.5
3.0.6
3.0.7
3.0.9
3.0rc1
3.0rc2
3.1.0
3.2
3.2.0.2
3.2.1
3.2.1.1
3.2.2
3.2.2.1
3.2.2.2
3.2.3
3.2.6
3.2.7
3.3
3.3.1
3.3.2
3.3.3
3.3.4
3.3.5
3.3.6
3.3.7
3.3.8
3.3.9
3.3.9.1
3.3.9.2
3.3.9.3
3.3b1
3.3b2
3.3rc1
3.4
3.4.1
3.4.2
3.4.3
3.4.3.1
3.4.3.2
3.4.4
3.4.5
3.4.6
3.4.7
3.4.8
3.4.9
3.4b1
3.4b2
3.4b3
3.5
3.5.0.1
3.5.1
3.5.1.1
3.5.2
3.5.3
3.5.3.1
3.5.4
3.5.4.1
3.5.5
3.5.6
3.5.7
3.5.8
3.5b1
3.5b2
3.5b3
4.*
4.0
4.0.1
4.0.10
4.0.11
4.0.12
4.0.13
4.0.14
4.0.15
4.0.16
4.0.17
4.0.18
4.0.19
4.0.2
4.0.20
4.0.21
4.0.22
4.0.23
4.0.24
4.0.25
4.0.26
4.0.27
4.0.28
4.0.3
4.0.4
4.0.5
4.0.6
4.0.7
4.0.8
4.0.9
4.0b1
4.0b2
4.0b3
4.1.0
4.1.1
4.1.10
4.1.2
4.1.3
4.1.4
4.1.5
4.1.6
4.1.7
4.1.8
4.1.9
4.2.0
4.2.1
4.2.2
4.2.3
4.2.4
4.2.5
4.2.6
4.2.7
4.3.0
4.3.1
4.3.10
4.3.11
4.3.12
4.3.13
4.3.2
4.3.3
4.3.4
4.3.6
4.3.7
4.3.8
4.3.9
4.4.0
4.4.1
4.4.2
4.4.3
4.5.0
4.5.1
4.5.2
4.5.3
4.6.0
4.6.1
4.6.2
4.6.3
4.6.4
4.6.5
4.6.6
4.6.7
4.7.0
4.7.1
4.7.10
4.7.11
4.7.12
4.7.13
4.7.2
4.7.3
4.7.4
4.7.5
4.7.6
4.7.7
4.7.8
4.7.9
4.8.0
4.8.1
4.8.2
4.8.3
4.8.4
4.8.5
4.9.0
4.9.1
4.9.2
4.9.3
4.9.4
4.9.5
4.9.6