IDCVSSSummaryLast (major) updatePublished
CVE-2012-4230 4.3
The bbcode plugin in TinyMCE 3.5.8 does not properly enforce the TinyMCE security policy for the (1) encoding directive and (2) valid_elements attribute, which allows attackers to conduct cross-site scripting (XSS) attacks via application-specific ve
25-04-2014 - 13:19 25-04-2014 - 10:15
CVE-2011-4825 7.5
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject a
15-12-2011 - 13:03 14-12-2011 - 22:57
Back to Top Mark selected
Back to Top