Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
This is a security release ## Version 5.10.9 - November 15, 2023 ### Changed - Zero width no-break space (U+FEFF) characters are removed from content passed to setContent, insertContent, and resetContent APIs. - Zero width no-break space (U+FEFF) characters in initial content are not loaded into the editor upon initialization. ### Fixed -Specific HTML content containing unescaped text nodes caused mXSS when using undo/redo. -Specific HTML content containing unescaped text nodes caused mXSS when using the getContent and setContent APIs with the format: 'raw' option, which also affected the resetContent API and the draft restoration feature of the Autosave plugin
- Loading branch information