Vulnerability in EPiServer.Forms

Try our conversational search powered by Generative AI!

AI OnAI Off

Tinymce: Remaining URL of links gets corrupted after publish

Found in

EPiServer.CMS.TinyMce 2.9.0

Fixed in

EPiServer.CMS.UI 11.23.3

Created

Nov 29, 2019

Updated

Dec 20, 2019

Area

CMS UI

State

Closed, Fixed and tested

Description

Within the tinyMCE editor, if you add a Remaining URL on a link that contains special characters, it gets corrupted after publish.

Example: before publish "?test%20check=1". After publish "?test%2Bcheck=1"
%20 has been changed to %2B

Steps to reproduce
1. In a tinymce editor, create a link to an internal page and append the following as the Remaining Url: ?page=D S.
2. Publish changes and check how the link is rendered on UI => the Remaining Url should render as ?page=D+S.
3. Open the link in tinymce again and add a title to it.
4. Publish again.
5. Check how the link is rendered in the UI.

Expected
The Remaining Url should render as ?page=D+S

Actual
The Remaining Url renders as ?page=D%2bS