Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

tinymce

Ecosystem:
npm
Package URL:
pkg:npm/tinymce
Total PRs:
311 Dependabot PRs
Latest PR:
23 days ago
Unique Repositories:
117 repositories
Unique Repos (30 days):
5 repositories
Security Advisories
Cross-site scripting vulnerability in TinyMCE alerts
GHSA-gg8r-xjwq-4w92 CVE-2022-23494 MODERATE published over 3 years ago • updated 2 days ago
### Impact A cross-site scripting (XSS) vulnerability was discovered in the alert and confirm dialogs when these dialogs were provided with malicio...
Cross-site scripting vulnerability in TinyMCE
GHSA-5h9g-x5rv-25wg CVE-2024-21908 MODERATE published over 4 years ago • updated about 14 hours ago
### Impact A cross-site scripting (XSS) vulnerability was discovered in the schema validation logic of the core parser. The vulnerability allowed a...
XSS in TinyMCE
GHSA-c78w-2gw7-gjv3 CVE-2019-1010091 MODERATE published about 6 years ago • updated 8 days ago
### Impact A cross-site scripting (XSS) vulnerability was discovered in: the core parser and `media` plugin. The vulnerability allowed arbitrary Ja...
Cross-site scripting vulnerability in TinyMCE
GHSA-w7jx-j77m-wp65 CVE-2024-21911 MODERATE published over 5 years ago • updated 4 days ago
### Impact A cross-site scripting (XSS) vulnerability was discovered in the URL sanitization logic of the core parser. The vulnerability allowed ar...
TinyMCE Cross-Site Scripting (XSS) vulnerability through `mce:protected` comments
GHSA-v98h-vmpc-fpqv CVE-2026-47762 HIGH published 23 days ago • updated 1 day ago
### Impact Stored XSS vulnerability via forged mce:protected comments. Allows attackers to bypass sanitization and inject scripts that execute when...
View all 20 advisories
Recent PRs (filtered by: Patch PRs )
RSS Feed Clear filter
Bump tinymce from 7.9.0 to 7.9.1

EngageSoftware/DNN-JavaScript-Libraries #997

7.9.0 → 7.9.1 Patch PR
Open about 1 year ago
EngageSoftware
build(deps): bump the npm_and_yarn group across 1 directory with 8 updates

weibaohui/k8m #120

6.8.3 → 6.8.5 Patch PR
Open about 1 year ago 2 comments
weibaohui
chore(deps): bump tinymce from 5.10.5 to 5.10.9

hashicorp/web-platform-packages #249

5.10.5 → 5.10.9 Patch PR
Open over 2 years ago 3 comments
hashicorp
Bump tinymce from 5.10.0 to 5.10.9 in /tarim/app/modules/admin

algha/tarim #101

5.10.0 → 5.10.9 Patch PR
Merged over 2 years ago
algha
Bump tinymce from 6.7.0 to 6.7.3

anovsiradj/yii2-theme-mazer #62

6.7.0 → 6.7.3 Patch PR
Closed over 2 years ago 1 comment
anovsiradj
Bump tinymce from 5.10.5 to 5.10.7

warsztatywww/aplikacjawww #638

5.10.5 → 5.10.7 Patch PR
Open over 3 years ago 1 comment
warsztatywww
Bump tinymce from 5.10.2 to 5.10.7

enso-ui/documents #11

5.10.2 → 5.10.7 Patch PR
Closed over 3 years ago 2 comments
enso-ui
Bump tinymce from 5.10.0 to 5.10.7

ProcessMaker/vue-form-elements #374

5.10.0 → 5.10.7 Patch PR
Closed over 3 years ago
ProcessMaker
Package Details
Name: tinymce
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/tinymce
JSON API: View JSON
Security Advisories

20

Active advisories
HIGH 5
MODERATE 14
LOW 1
View All npm Advisories
Package Information
Description:

Web based JavaScript HTML WYSIWYG editor control.

Repository: https://github.com/tinymce/tinymce
Homepage: https://www.tiny.cloud/
Latest Release: 7.9.1
about 1 year ago
Dependent Repos: 12,552
Dependent Packages: 1,197
Downloads: 2,752,486
Ranking: Top 0.2401% by dependent repos Top 0.2059% by downloads Top 0.0632% by dependent pkgs
PR Status
Open 144 (46.3%)
Merged 23 (7.4%)
Closed 112 (36.0%)
PR Types
Major 135 (43.4%)
Minor 84 (27.0%)
Patch 58 (18.6%)
Removal 2 (0.6%)