TinyMCE Upgraded to Version 7.3 in October Security Patches
Security-driven upgrade addresses CVE-2024-38357 vulnerability across all supported release lines, improving editor safety for Adobe Commerce merchants.
TinyMCE Upgraded to Version 7.3 in October Security Patches
Adobe Commerce has released critical security patches in October 2024 that include a significant upgrade to TinyMCE, the rich text editor embedded within the platform. This update addresses CVE-2024-38357, a security vulnerability that affects all supported release lines of Adobe Commerce.
What's Changed
The upgrade to TinyMCE 7.3 brings enhanced security controls and stabilises the editor functionality across the platform. This update is particularly important for merchants who rely on TinyMCE for content creation, product descriptions, and CMS page editing.
The vulnerability addressed in this patch could potentially allow unauthorised actors to exploit the editor, making this a critical security update for any Adobe Commerce installation. Adobe has applied this patch across all supported versions, ensuring that merchants regardless of their release line receive the necessary protection.
Technical Details and Significance
CVE-2024-38357 represented a meaningful security risk within the editor's core functionality. The upgrade to TinyMCE 7.3 not only patches the vulnerability but also modernises the editor with improved code stability and performance enhancements.
For merchants managing multiple stores or content-heavy catalogues, this update ensures that your editorial tools remain secure whilst maintaining the functionality you depend on for daily operations. The patch has been tested across all supported Adobe Commerce versions to guarantee compatibility.
What Merchants Should Do
We recommend applying the October security patches as soon as possible. If your implementation includes custom extensions or modifications to TinyMCE, test the update in a staging environment first to ensure compatibility with your customisations.
The security-first approach in this update reflects Adobe's commitment to keeping the platform robust and trustworthy. For merchants prioritising content security and editor reliability, this upgrade delivers meaningful improvements to your operational security posture.
Want to read more insights?
View All ArticlesRelated Articles
Continue reading with these related insights and updates from our team.
Product Recommendations Category Filter Fix Released
Product Recommendations category filter now respects store-view boundaries, preventing cross-store recommendation contamination.
October 2024: Supply Chain Security Updates
Tighter dependency control, CI/CD hygiene and vendor access reviews.
Live Search Advanced Search Capabilities Beta Launches
Live Search Advanced Search Beta introduces layered search with startsWith and contains operators for sophisticated product discovery.
Explore More Solutions
Adobe Commerce (Magento) Development
Expert Adobe Commerce (Magento) and Magento development in London
E-commerce Strategy
Strategic e-commerce consulting for digital growth
SEO Optimisation
Technical SEO for e-commerce websites
Design & UX
User experience design for e-commerce conversion