Closed sks444 closed 2 years ago
Is this get fixed ? Github still warning about XSS issue when using this package.
v3.3.0 on PyPI installs TinyMCE 5.5.0, which includes the vulnerability.
master
branch here appears more up-to-date, with TinyMCE 5.10.1 as of a couple weeks back.
Any timeline for a new version release on PyPI to bring in this update?
3.4.0 was released today.
Suggest updating this vuln with the patched version, as well: https://github.com/advisories/GHSA-r8hm-w5f7-wj39
Thanks for the updated release!
Fixed in 5.6.0 https://github.com/tinymce/tinymce/security/advisories/GHSA-w7jx-j77m-wp65
Fixed in 5.7.1 https://github.com/tinymce/tinymce/security/advisories/GHSA-5vm8-hhgr-jcjp