We have just had a PEN test carried out on one of our customer sites and they have found issues with version 4 of Tinymce in Umbraco version 8 and I
assume the same issues also found in the version 10 sites we have.
Is there any plans to update version 10 LTS to the later version of Tinymce where the bugs not present.
It seems a bit over the top to have to upgrade a new version 10 site 10 Umbraco 11+ to fix the issue.
IS version 10 ever going to get Tinymce Version 5 or 6???
Bug
CVEs CVE-2023-26116
CVE-2023-48219
CVE-2023-4581
This is a companion discussion topic for the original entry at https://our.umbraco.com/forum/113366-tinymce-version-49x-securely-issue