At Tiny, we take security seriously and will investigate all potential security risk notifications with urgency.
To report a potential security vulnerability, contact our Security team at [email protected].
In line with the United States National Infrastructure Advisory Council (NIAC) Vulnerability Disclosure Framework, Tiny requests community members reporting potential security vulnerabilities maintain the confidentiality of their report and discovery until Tiny has investigated the issue and taken action to fix it.
Tiny will communicate with you regarding the status of your report and will, with your permission, publicly attribute the security issue’s discovery to you after the issue has been fixed and disclosed.
For details on how to report security issues to Tiny, refer to the Reporting TinyMCE security issues documentation.
Tiny Technologies, Inc. supports the following community versions of TinyMCE:
| Version | Supported |
|---|---|
| 5.10.x | ✔ |
| 6.5.x | ✔ |
| Other | ✖ |
For supported enterprise versions of TinyMCE, refer to the enterprise Supported TinyMCE versions documentation.