tinymce / tinymce-vue

Official TinyMCE Vue component
MIT License
2.08k stars 208 forks

TinyMCE Cross-Site Scripting (XSS) vulnerability #407

Closed kburisma closed 4 months ago

kburisma commented 7 months ago

Hi! Just reaching out about the update status of tinymce-vue. Got a heads up from npm today about an XSS bug in TinyMCE, set to be fixed in version 7.0.

TinyMCE Cross-Site Scripting (XSS) vulnerability in handling external SVG files through Object or Embed elements - https://github.com/advisories/GHSA-5359-pvf2-pw78

Is there any chance we'll see an update roll out soon to address this?

Thanks a bunch!

Edgaraszs commented 7 months ago

There are a lot more vulnerabilities; it would be nice to get an update to 7.0.

Afraithe commented 7 months ago

We are working on an update to the vue package.

meirroth commented 6 months ago

@Afraithe Awesome, can't wait!

719media commented 5 months ago

@Afraithe any word on a new version?

meirroth commented 5 months ago

Looks like this issue should be resolved with https://github.com/tinymce/tinymce-vue/pull/408

tiny-stale-bot commented 4 months ago

This issue is stale because it has been open 30 days with no activity. Please comment if you wish to keep this issue open or it will be closed in 7 days.

danoaky-tiny commented 4 months ago

This has now been fixed in a recent release, closing.