TinyMCE 5 HTML Injection

TinyMCE 5 suffers from an HTML injection vulnerability.

MD5 | 8d10899efec7dcd3fe8064bc659cc21d

# Exploit Title: iframe Injection\Html Injection TinyMCE 5 HTML WYSIWYG
# Date:18.10.2020
# Author: Vincent666 ibn Winnie
# Software Link: https://www.tiny.cloud/features/
# Tested on: Windows 10
# Web Browser: Mozilla Firefox
# Blog : https://pentest-vincent.blogspot.com/
# PoC: https://pentest-vincent.blogspot.com/2020/10/iframehtml-injection-tinymce-5-html.html


The editor has the function of inserting an iframe, but we did not use
this option and tested other fields.

We have iframe injection in TinyMCE 5.

For example, I use the TinyMCE demo and Plone CMS with TinyMCE.

Our iframe injection on the demo:

Insert - Media - Embed - our iframe code.

In the Plone CMS demo:

Insert - Image - Caption - our iframe code.

If a simple user can inject his code into these fields, then he can
use it for phishing and other things.
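
On the defensive side, the application that stores the editor's output can filter these fields on the server before saving them. The sketch below is an added example, not code from the advisory, TinyMCE or Plone: the tag allowlist, the names `CaptionSanitizer` and `sanitize_caption`, and the sample caption are assumptions chosen for illustration.

```python
from html import escape
from html.parser import HTMLParser

# Assumed policy for a caption field: inline formatting and links only.
ALLOWED_TAGS = {"b", "i", "em", "strong", "br", "a"}
# Elements discarded together with everything nested inside them.
DROP_WITH_CONTENT = {"iframe", "script", "style", "object", "embed"}
SAFE_SCHEMES = {"http", "https", "mailto"}

class CaptionSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.removed, self.drop_depth = [], [], 0

    def handle_starttag(self, tag, attrs):
        if tag in DROP_WITH_CONTENT:
            self.removed.append(tag)        # recorded for logging or alerting
            if tag != "embed":              # embed is a void element
                self.drop_depth += 1
        elif self.drop_depth:
            return                          # inside a dropped subtree
        elif tag not in ALLOWED_TAGS:
            self.removed.append(tag)        # tag dropped, its text is kept
        elif tag == "a":
            href = (dict(attrs).get("href") or "").strip()
            # Strict check: text before the first ':' must be a safe scheme.
            ok = href.partition(":")[0].lower() in SAFE_SCHEMES
            self.out.append(f'<a href="{escape(href)}">' if ok else "<a>")
        else:
            self.out.append(f"<{tag}>")     # all attributes are discarded

    def handle_endtag(self, tag):
        if tag in DROP_WITH_CONTENT:
            if tag != "embed" and self.drop_depth:
                self.drop_depth -= 1
        elif not self.drop_depth and tag in ALLOWED_TAGS and tag != "br":
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.drop_depth:
            self.out.append(escape(data))   # text is re-escaped on output

def sanitize_caption(submitted):
    """Return (clean_html, removed_tags) for a submitted caption value."""
    parser = CaptionSanitizer()
    parser.feed(submitted)
    parser.close()
    return "".join(parser.out), parser.removed

# Constructed sample input, not taken from the advisory.
SAMPLE = 'Team photo <iframe src="https://example.invalid/login"></iframe><b>2020</b>'
```

A non-empty `removed_tags` list on a field that should hold plain captions is also a useful signal to log and review.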


