UBUNTU-CVE-2023-45819

TinyMCE is an open source rich text editor. A cross-site scripting XSS vulnerability was discovered in TinyMCE’s Notification Manager API. The vulnerability exploits TinyMCE's unfiltered notification system, which is used in error handling. The conditions for this exploit requires carefully craft...

CVE-2023-45819 Cross-site Scripting vulnerability in TinyMCE notificationManager.open API

TinyMCE is an open source rich text editor. A cross-site scripting XSS vulnerability was discovered in TinyMCE’s Notification Manager API. The vulnerability exploits TinyMCE's unfiltered notification system, which is used in error handling. The conditions for this exploit requires carefully craft...

CVE-2023-45819

CVE-2023-45819 is a cross-site scripting vulnerability in TinyMCE’s Notification Manager API. An attacker could trigger arbitrary JavaScript execution by injecting unfiltered HTML into a notification text displayed in the TinyMCE UI for the current user, requiring crafted content and a notificati...

CVE-2023-45819 Cross-site Scripting vulnerability in TinyMCE notificationManager.open API

TinyMCE is an open source rich text editor. A cross-site scripting XSS vulnerability was discovered in TinyMCE’s Notification Manager API. The vulnerability exploits TinyMCE's unfiltered notification system, which is used in error handling. The conditions for this exploit requires carefully craft...

CVE-2023-45819

Removed by vendor...

CVE-2023-45819 Cross-site Scripting vulnerability in TinyMCE notificationManager.open API

TinyMCE is an open source rich text editor. A cross-site scripting XSS vulnerability was discovered in TinyMCE’s Notification Manager API. The vulnerability exploits TinyMCE's unfiltered notification system, which is used in error handling. The conditions for this exploit requires carefully craft...

GHSA-HGQX-R2HP-JR38 TinyMCE XSS vulnerability in notificationManager.open API

Impact A cross-site scripting XSS vulnerability was discovered in TinyMCE’s Notification Manager API. The vulnerability exploits TinyMCE's unfiltered notification system, which is used in error handling. The conditions for this exploit requires carefully crafted malicious content to have been...

TinyMCE XSS vulnerability in notificationManager.open API

Impact A cross-site scripting XSS vulnerability was discovered in TinyMCE’s Notification Manager API. The vulnerability exploits TinyMCE's unfiltered notification system, which is used in error handling. The conditions for this exploit requires carefully crafted malicious content to have been...

Tiny Technologies TinyMCE Cross-Site Scripting Vulnerability

Tiny Technologies TinyMCE is a rich text editor from Tiny Technologies. A security vulnerability exists in TinyMCE, which stems from a cross-site scripting XSS vulnerability discovered in TinyMCE's Notification Manager API...

PT-2023-29708 · Tinymce · Tinymce

Name of the Vulnerable Software and Affected Versions: TinyMCE versions prior to 5.10.8 TinyMCE versions prior to 6.7.1 Description: A cross-site scripting XSS vulnerability was discovered in TinyMCE’s Notification Manager API. The vulnerability exploits TinyMCE's unfiltered notification system,...

CVE-2023-21191

In fixNotification of NotificationManagerService.java, there is a possible bypass of notification hide preference due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

PT-2023-17979 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android version Android-13 Description: In the fixNotification function of NotificationManagerService.java, a logic error in the code can lead to a bypass of notification hide preference. This issue could result in local escalation of privile...

PT-2022-14699 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-12 through Android-13 Description: The issue is related to the createNotificationChannel function in NotificationManager.java, which can cause resource exhaustion, making the device unusable and requiring a factory...

CVE-2022-20448

In buzzBeepBlinkLocked of NotificationManagerService.java, there is a possible way to share data across users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

UBUNTU-CVE-2022-20448

In buzzBeepBlinkLocked of NotificationManagerService.java, there is a possible way to share data across users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2022-39867

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via SHOWPERSISTENTBANNER broadcast...

CVE-2022-39870

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via PUSHMESSAGERECEIVED broadcast...

CVE-2022-39871

Improper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcasts...

CVE-2022-39869

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via REMOVEPERSISTENTBANNER broadcast...

CVE-2022-39869

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via REMOVEPERSISTENTBANNER broadcast...