mahara-contributors team mailing list archive

Thread
Date

[Bug 1962805] A patch has been submitted for review

To: mahara-contributors@xxxxxxxxxxxxxxxxxxx
From: Mahara Bot <1962805@xxxxxxxxxxxxxxxxxx>
Date: Thu, 03 Mar 2022 21:38:25 -0000
Reply-to: Bug 1962805 <1962805@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

Patch for "main" branch: https://reviews.mahara.org/12465

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: mahara-contributors
https://bugs.launchpad.net/bugs/1962805

Title:
  Upgrade TinyMCE from 5.8.2 to 5.10.2

Status in Mahara:
  New

Bug description:
  https://www.tiny.cloud/blog/new-release-tinymce-5-10/

      An upgrade to our Dom API to enhance URL security 
      Adding user-friendly enhancement to our VK API 
      Added ability for engineers to turn off deprecation console warning messages 
      Upgrades to our element API, relating to scrolling 

  
  https://www.tiny.cloud/docs/release-notes/release-notes510/
  Security fixes

  TinyMCE 5.10 provides fixes for the following security issues.

  Fixed URLs not cleaned correctly in some cases in the link and image
  plugins. This caused a medium severity Cross Site Scripting (XSS)
  vulnerability. Tiny Technologies would like to thank Yakir6 for
  discovering this vulnerability.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1962805/+subscriptions

References

[Bug 1962805] [NEW] Upgrade TinyMCE from 5.8.2 to 5.10.2
From: Dianne Tennent, 2022-03-03