How to fix PUA.html in tiny_mce

Permalink
Hi guys,

After downloading concrete5.5.0 I wanted to check, if it's clean and found that:

concrete5.5.0/concrete/js/tiny_mce/plugins/paste/js/pasteword.js PUA.HTML.Infected.WebPage-1

Now I would like to know, how to fix that. I searched the internet and found a site, but as I am not good with java, I am not sure, what to do.

http://www.roundcubeforum.net/3-news-announcements/12-general-discu...

Anybody here, who can help and explain to me, what I have to do now?

This should be interesting not only for me.

Thanks
Jaroslaw

View Replies: View Best Answer
guythomas replied on at Permalink Best Answer Reply
guythomas
If you really wanted to patch this particular file you would need to navigate to the

concrete/js/tiny_mce/plugins/paste/js/pasteword.js

file and make the change shown in the thread you referenced:

Remove Line 8:
el.innerHTML = '<iframe id="iframe" src="javascript:\'\';" frameBorder="0" style="border: 1px solid gray"></iframe>';


and replace with:

el.innerHTML = '<' + 'iframe id="iframe" src="javascript:\'\';" frameBorder="0" style="border: 1px solid gray"></iframe>';


Save and you are done.

None of this is actually necessary, as the codes functionality is not actually changed, but if you want it to pass that virus scan, then go right ahead.
jrlas replied on at Permalink Reply
Hi,

thank you for your answer. Sometimes it's hard to see, what is obvious ;-)
Now I know, what to do and it worked fine.
Thank you.

Jaroslaw