Pull Request resolves # .

• I read the Generative AI policy and my contribution is either not created with the help of AI or is compatible with the policy and GNU/GPL 2 or later.

Summary of Changes

Updates tinymce to 8.6.0 and the translations

After discussion with @SniperSister this has been made against 6.1 and replaces #47760

Testing Instructions

Apply pr and then npm i otherwise test using the prebuilt package

Actual result BEFORE applying this Pull Request

tinymce 8.3.2

Expected result AFTER applying this Pull Request

tinymce 8.6.0

Changelog

8.6.0 - 2026-06-03
Improved
Updated the bundled DOMPurify dependency to the latest version.

8.5.1 - 2026-05-20

Security
Fixed stored XSS vulnerability using media plugin data-mce-object injection.

Fixed stored XSS vulnerability through mce:protected comments.

Fixed stored XSS vulnerability through data-mce- prefixed src, href, style attributes.

8.5.0 - 2026-04-29

Added
New content_language option to set the lang attribute on the iframe’s html element or the inline editor’s target element.

Improved
Improved visual styling of inline diff highlights in Suggested Edits and TinyMCE AI plugin.

Fixed
URIs with non-Latin1 characters were returning an error.

Alert and confirm dialogs were not announced properly by some screen readers.

Certain selections would delete the editor body, causing issues.
Certain combinations of divs inside of lists would cause issues turning off lists.
Script elements would incorrectly be removed by DomPurify when considered valid in the schema.
Iframe elements with children would incorrectly be removed by DomPurify.

8.4.0 - 2026-02-04

Added
New view_show option to display a specified view on initialization.

New errorHandler option for dropzone dialog components.

The noneditable feature can now be disabled with the new allow_noneditable option. #TINY-10121

Editor option content_id for uniquely identifying the edited document.

New table_default_header_rows and table_default_header_cols options to set the default header size for new tables.

Improved
The file upload feature of link and image dialogs now provide feedback when an unsupported file type is selected.

Directionality buttons now only appear active when directionality is set on the selected block.

Directionality buttons now always toggle the directionality attribute on selected blocks.

Changed
The border-color style with multiple rgb colors would be compressed into border incorrectly.

Element Path now uses the ARIA-role "group" with an aria-label.

Fixed
The link dialog now allows uploading empty files.

Bundled content CSS is now loaded into preview iframes.

Attempting to remove a link after a contentEditable="false" element was not possible.
Some formatting was not applied to items in multilevel list.

Dialogs did not retain focus when using the block/unblock API.

Setting width via Table Properties did not apply when table_style_by_css was false.

Security
Updated DOMPurify version to 3.3.2.

Link to documentations

Please select:

• Documentation link for guide.joomla.org:

• No documentation changes for guide.joomla.org needed

• Pull Request link for manual.joomla.org:

• No documentation changes for manual.joomla.org needed