XSS issue was found in media plugin that did not properly filter out some script attributes. Upstream patch: https://github.com/tinymce/tinymce/commit/c68a5930512d7b37b5dc495bde5f7cbb739e11e7
Created tinymce tracking bugs for this issue: Affects: fedora-all [bug 1389372] Affects: epel-6 [bug 1389373]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.