TinyMCE 6.7.2

These are the Tiny Cloud and TinyMCE Enterprise release notes. For information on the latest community version of TinyMCE, see the TinyMCE Changelog.


TinyMCE 6.7.2 was released for TinyMCE Enterprise and Tiny Cloud on Wednesday, November 1st, 2023. These release notes provide an overview of the changes for TinyMCE 6.7.2, including:

Accompanying Premium self-hosted server-side component changes

The TinyMCE 6.7.2 release includes accompanying changes affecting the TinyMCE self-hosted services for the following plugins:

  • Enhanced Media Embed plugin mediaembed.

  • Export plugin export.

  • Enhanced Image Editing plugin editimage.

  • Link Checker plugin linkchecker.

  • Spell Checker Pro plugin tinymcespellchecker.

  • Spelling Autocorrect plugin autocorrect.

For information on:

The Java server-side components have been updated to the following versions:

  • ephox-hyperlinking.war: 2.105.20

  • ephox-image-proxy.war: 2.106.8

  • ephox-spelling.war: 2.118.15

Service log level was changed from DEBUG to INFO, to reduce logs verbosity and gain more clarity.

Updating the self-hosted server-side components

The new versions of the server-side services provide updates for the Java-based server-side components. To deploy the updated version of the server-side components:

  1. Update your Java Application Server to the minimum required version:

    • Eclipse Jetty:

      • 9.4+

    • WebSphere Application Server (WAS) 8 or later

    • Apache Tomcat:

      • 10 (See note below)

      • 9+

      • 8.5.12+

      • 8.0.42+

      • 7.0.76+

      Tomcat 10 will require WAR files to be placed in the webapp-javaee directory rather than the webapps directory due to the change to Jakarta servlets. Jetty 11 is not currently supported due to this change.
  2. Replace the existing server-side .war files with the .war files bundled with TinyMCE 6.7.2 or later.

For information on:

There are no functionality changes in these updated server-side components.

Bug fixes

TinyMCE 6.7.2 also includes the following bug fixes:

The function getModifierState did not work on events passed through the editor as expected.

The exception error "Uncaught TypeError: Illegal invocation" was displayed in the console, when an integrator called the 'getModifierState' function on a keydown event object.

As a consequence, any attempts to invoke this function resulted in the TypeError being displayed in the console.

TinyMCE 6.7.2 addresses this, now, when a integrator uses the getModifierState on the event object a keydown event no longer triggers an error.

Indenting or outdenting a list item that contained non list item siblings after it would result in those siblings being removed.

Previously, when the editor encounter’s a list inside an <li> element, the editor would only account for scenarios where the list is either the first or last element within the <li>. In such cases, TinyMCE would treat the content contained within the <li> as plain HTML, disregarding any nested lists.

Consequently, when dealing with a structure like the following:


the editor would encounter problems when attempting to apply list-related actions, such as indentation, to the inner list.

TinyMCE 6.7.2 addresses this issue, now, when an <li> contains both non-list elements at its beginning and end, and also contains a nested list, the editor now will consider actions on the nested list independently, instead of treating the entire content as a single block.

As a result, the actions of indenting and unindenting a nested list now work as expected.

Removed use of async for editor rendering which caused visual blinking when reloading the editor in-place.

In contrast to TinyMCE version 5, where the editor would initiate rendering without waiting for the completion of CSS loading, in version 6, the editor instance now deliberately synchronizes with the loading of CSS. This modification aims to prevent flickering by ensuring that the necessary styles have finished loading before proceeding with the rendering process.

TinyMCE 6.7.2 addresses this, by once again blocking the render function from loading the CSS in parallel with other actions necessary for displaying the editor.

As a result, the editor no longer renders the flicker previously displayed when the editor is refreshed.

Toggling a list that contained a list item element — <li> — which, in turn, contained another list item element as its first child, removed other content within the first list item element.

When a user attempted to indent or outdent a list element inside a nested list, the list was converted into a model which resulted in it being recreated from that model.

As a consequence of this, the model would not handle a list and a not-list items inside a <li> element, which resulted in content deletion of the not-list item inside the <li> structures like:


In addition, when the editor would try to manage comments at the <li> element level, a console error would be thrown resulting in all other elements being ignored.

TinyMCE 6.7.2 addresses this issue, now, our model correctly manages comments and other elements when they are preceded from a list inside an li, and the errors are no longer present.

Security fixes

TinyMCE 6.7.2 includes one fix for the following security issue:

The following server-side component has been updated to include dependency updates addressing the following security issues.

This update is considered as a High severity vulnerability fix.

For information on the server-side components updates, see: Accompanying Premium self-hosted server-side component changes.

There are no functionality changes in these updated server-side components.