Synopsis
TinyMCE < 4.9.11 Cross-Site Scripting
Description
According to its self-reported version number, TinyMCE is prior to 4.9.11 or 5.x prior to 5.4.1. Therefore, it may be affected by a cross-site scripting vulnerability in the editor via the clipboard or APIs.
Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to TinyMCE version 4.9.11 or later.