MSA-23-0013: XSS risk in TinyMCE alerts (upstream)
|
System information
|
| |
|
|
Affected software |
PHP |
Description
|
by Michael Hawkins. The TinyMCE editor included with Moodle required a security patch to be applied to fix an XSS risk.Severity/Risk:MinorVersions affected:4.1 to 4.1.1Versions fixed:4.1.2Reported by:Andrew LyonsCVE identifier:CVE-2022-23494Changes (master):N/ATracker issue:MDL-77470 XSS risk in TinyMCE alerts (upstream)
More info:
https://moodle.org/mod/forum/discuss.php?d=445070&parent=1788903 |
Standar resources
|
|
Property |
Value |
|
CVE |
CVE-2022-23494. |
