TinyMCE Cross-Site Scripting (XSS) vulnerability #407
Labels
status:stale
An issue that has been left with no response for an extended period of time.
Comments
|
There is a lot more vulnerabilities would be nice to get update to |
|
We are working on an update to the vue package. |
|
@Afraithe Awesome, can't wait! |
Closed
|
@Afraithe any word on a new version? |
|
Looks like this issue should be resolved with #408 |
|
This issue is stale because it has been open 30 days with no activity. Please comment if you wish to keep this issue open or it will be closed in 7 days. |
tiny-stale-bot
added
the
status:stale
|
This has now been fixed in a recent release, closing. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi! Just reaching out about the update status of tinymce-vue. Got a heads up from npm today about an XSS bug in TinyMCE, set to be fixed in version 7.0.
TinyMCE Cross-Site Scripting (XSS) vulnerability in handling external SVG files through Object or Embed elements - https://github.com/advisories/GHSA-5359-pvf2-pw78If there's any chance we'll see an update roll out soon to address this?
Thanks a bunch!
The text was updated successfully, but these errors were encountered: