TinyMCE security fix (OpenMage#4157)

* Rector: CQ - UnusedForeachValueToArrayKeysRector (#1)

* Rector: CQ - UnusedForeachValueToArrayKeysRector

See Rector\CodeQuality\Rector\Foreach_\UnusedForeachValueToArrayKeysRector

* fixes + phpstan

See fix at rector: rectorphp/rector-src#6164

* Security fix for TinyMCE

- see GHSA-5359-pvf2-pw78

* Revert "Rector: CQ - UnusedForeachValueToArrayKeysRector (#1)"

This reverts commit 3d7eaf6.

Author: sreichel

js/mage/adminhtml/wysiwyg/tinymce/setup.js

@@ -90,6 +90,7 @@ tinyMceWysiwygSetup.prototype =
             automatic_uploads: false,
             branding: false,
             promotion: false,
+            convert_unsafe_embeds: true, // default in TinyMCE v7.0
             convert_urls: false,
             relative_urls: true,
             skin: this.config.skin,