[Git][security-tracker-team/security-tracker][master] Add two tinymce issues

Thu, 28 Mar 2024 15:06:40 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d98bffce by Salvatore Bonaccorso at 2024-03-28T23:04:56+01:00
Add two tinymce issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1023,7 +1023,9 @@ CVE-2024-2212 (In Eclipse ThreadX before 6.4.0,  
xQueueCreate() and xQueueCreate
 CVE-2024-29883 (CreateWiki is Miraheze's MediaWiki extension for requesting & 
creating ...)
        TODO: check
 CVE-2024-29881 (TinyMCE is an open source rich text editor.  A cross-site 
scripting (X ...)
-       TODO: check
+       - tinymce <removed>
+       NOTE: 
https://github.com/tinymce/tinymce/security/advisories/GHSA-5359-pvf2-pw78
+       NOTE: 
https://github.com/tinymce/tinymce/commit/bcdea2ad14e3c2cea40743fb48c63bba067ae6d1
 CVE-2024-29833 (The image upload component allows SVG files and the regular 
expression ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-29832 (The current_url parameter of the AJAX call to the GalleryBox 
action of ...)
@@ -1041,7 +1043,9 @@ CVE-2024-29644 (Cross Site Scripting vulnerability in 
dcat-admin v.2.1.3 and bef
 CVE-2024-29401 (xzs-mysql 3.8 is vulnerable to Insufficient Session 
Expiration, which  ...)
        NOT-FOR-US: xzs-mysql
 CVE-2024-29203 (TinyMCE is an open source rich text editor. Across-site 
scripting (XSS ...)
-       TODO: check
+       - tinymce <removed>
+       NOTE: 
https://github.com/tinymce/tinymce/security/advisories/GHSA-438c-3975-5x3f
+       NOTE: 
https://github.com/tinymce/tinymce/commit/bcdea2ad14e3c2cea40743fb48c63bba067ae6d1
 CVE-2024-29197 (Pimcore is an Open Source Data & Experience Management 
Platform. Any c ...)
        NOT-FOR-US: Pimcore
 CVE-2024-28442 (Directory Traversal vulnerability in Yealink VP59 
v.91.15.0.118 allows ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d98bffceef16e3f3ea8cc9a20dd0d11e37296cf4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d98bffceef16e3f3ea8cc9a20dd0d11e37296cf4
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to