[Git][security-tracker-team/security-tracker][master] Add CVE-2022-23494/tinymce

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
644e5cb5 by Salvatore Bonaccorso at 2022-12-15T21:48:22+01:00
Add CVE-2022-23494/tinymce

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -70957,7 +70957,10 @@ CVE-2022-23496 (Yet Another UserAgent Analyzer (Yauaa) is a java library that tr
 CVE-2022-23495 (go-merkledag implements the 'DAGService' interface and adds two ipld n ...)
 	TODO: check
 CVE-2022-23494 (tinymce is an open source rich text editor. A cross-site scripting (XS ...)
-	TODO: check
+	- tinymce <removed>
+	NOTE: https://github.com/tinymce/tinymce/commit/6923d85eba6de3e08ebc9c5a387b5abdaa21150e
+	NOTE: https://github.com/tinymce/tinymce/commit/8bb2d2646d4e1a718fce61a775fa22e9d317b32d
+	NOTE: https://github.com/tinymce/tinymce/security/advisories/GHSA-gg8r-xjwq-4w92
 CVE-2022-23493 (xrdp is an open source project which provides a graphical login to rem ...)
 	- xrdp <unfixed> (bug #1025879)
 	NOTE: https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-59wp-3wq6-jh5v



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/644e5cb573c1f26c37f255a462a1d1aeb5fd0ed0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/644e5cb573c1f26c37f255a462a1d1aeb5fd0ed0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221215/521c8fc6/attachment.htm>