Feeling Lucky
?
NPM Resource Changed
bug
PR-4.4-dev
[#42359] - [4.4] TinyMCE 5.10.9
- Fixed in Code Base
- 23 Nov 2023
- Medium
- Build: 4.4-dev
- # 42359
- Diff
- brianteeman:tinymce
User tests: Successful: Unsuccessful:
This is a security release
Version 5.10.9 - November 15, 2023
Changed
- Zero width no-break space (U+FEFF) characters are removed from content passed to setContent, insertContent, and resetContent APIs.
- Zero width no-break space (U+FEFF) characters in initial content are not loaded into the editor upon initialization.
Fixed
- Specific HTML content containing unescaped text nodes caused mXSS when using undo/redo.
- Specific HTML content containing unescaped text nodes caused mXSS when using the getContent and setContent APIs with the format: 'raw' option, which also affected the resetContent API and the draft restoration feature of the Autosave plugin
| Status | New | ⇒ | Pending |
joomla-cms-bot
- | Category | ⇒ | NPM Change Front End Plugins |
Fedik
- comment
- 21 Nov 2023
I have tested this item ✅ successfully on 7031c0c
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/42359.
SniperSister
- comment
- 21 Nov 2023
I have tested this item ✅ successfully on 7031c0c
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/42359.
| Status | Pending | ⇒ | Ready to Commit |
| Labels |
Added:
NPM Resource Changed
PR-4.4-dev
|
||
Quy
- comment
- 21 Nov 2023
RTC
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/42359.
| Labels |
Added:
?
|
||
MacJoom
- | Status | Ready to Commit | ⇒ | Fixed in Code Base |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2023-11-23 09:08:45 |
| Closed_By | ⇒ | MacJoom | |
| Labels |
Added:
?
bug
Removed: ? |
||
Note a similar update is required for tiny6 and joomla5 but I cant create it due to this bug #42356