Open kburisma opened 2 months ago
There is a lot more vulnerabilities would be nice to get update to 7.0
We are working on an update to the vue package.
@Afraithe Awesome, can't wait!
@Afraithe any word on a new version?
Looks like this issue should be resolved with https://github.com/tinymce/tinymce-vue/pull/408
Hi! Just reaching out about the update status of tinymce-vue. Got a heads up from npm today about an XSS bug in TinyMCE, set to be fixed in version 7.0.
TinyMCE Cross-Site Scripting (XSS) vulnerability in handling external SVG files through Object or Embed elements - https://github.com/advisories/GHSA-5359-pvf2-pw78
If there's any chance we'll see an update roll out soon to address this?
Thanks a bunch!