mirror of https://github.com/joomla/joomla-cms.git
[4.4] TinyMCE 5.10.9 (#42359)
This is a security release ## Version 5.10.9 - November 15, 2023 ### Changed - Zero width no-break space (U+FEFF) characters are removed from content passed to setContent, insertContent, and resetContent APIs. - Zero width no-break space (U+FEFF) characters in initial content are not loaded into the editor upon initialization. ### Fixed -Specific HTML content containing unescaped text nodes caused mXSS when using undo/redo. -Specific HTML content containing unescaped text nodes caused mXSS when using the getContent and setContent APIs with the format: 'raw' option, which also affected the resetContent API and the draft restoration feature of the Autosave plugin
This commit is contained in:
parent
b7c1fc9cd3
commit
49be844d5a
|
@ -9404,9 +9404,9 @@
|
|||
"integrity": "sha512-RX35iq/D+lrsqhcPWIazM9ELkjOe30MSeoBHQHSsRwd1YuhJO5ui1K1/R0r7N3mFvbLBs33idw+eR6j+w6i/DA=="
|
||||
},
|
||||
"node_modules/tinymce": {
|
||||
"version": "5.10.8",
|
||||
"resolved": "https://registry.npmjs.org/tinymce/-/tinymce-5.10.8.tgz",
|
||||
"integrity": "sha512-iyoo3VGMAJhLMDdblAefKvYgBRk9kQi58GTwAmoieqsyggGsKZWlQl/YY6nTILFHUCA1FhYu0HdmM5YYjs17UQ=="
|
||||
"version": "5.10.9",
|
||||
"resolved": "https://registry.npmjs.org/tinymce/-/tinymce-5.10.9.tgz",
|
||||
"integrity": "sha512-5bkrors87X9LhYX2xq8GgPHrIgJYHl87YNs+kBcjQ5I3CiUgzo/vFcGvT3MZQ9QHsEeYMhYO6a5CLGGffR8hMg=="
|
||||
},
|
||||
"node_modules/tippy.js": {
|
||||
"version": "6.3.7",
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<extension type="plugin" group="editors" method="upgrade">
|
||||
<name>plg_editors_tinymce</name>
|
||||
<version>5.10.8</version>
|
||||
<version>5.10.9</version>
|
||||
<creationDate>2005-08</creationDate>
|
||||
<author>Tiny Technologies, Inc</author>
|
||||
<authorEmail>N/A</authorEmail>
|
||||
|
|
Loading…
Reference in New Issue