exalate-issue-sync[bot]
commented
2 years ago Ref: INT-2740
Closed carlsixsmith-moj closed 2 years ago
exalate-issue-sync[bot]
commented
2 years ago Ref: INT-2740
jscasca
commented
2 years ago @carlsixsmith tinymce-blazor doesn't come bundled with tinymce. By default it uses the cloud version found in the stable channel ('5'), you can find more information about release channels here: https://www.tiny.cloud/docs/cloud-deployment-guide/editor-plugin-version/#5releasechannel
You can specify a particular version to use with the CloudChannel property of the blazor component or the ScriptSrc property. E.G <Editor CloudChannel="5.10.2-126" />. Although I suspect you just need to clear the cache for the default values to pick up the latest release.
When you install the TinyMCE.Blazor nuget package it uses version 5.9.2 of tinymce.
This version of tinymce has a security vulnerability (see https://github.com/advisories/GHSA-r8hm-w5f7-wj39) and GitHub dependabot recommends upgrading to versions >= 5.10.0.