security/vuxml: Document drupal9 multiple vulnerabilities

author: Wen Heping <wen@FreeBSD.org> 2022-08-20 01:24:38 +0000
committer: Wen Heping <wen@FreeBSD.org> 2022-08-20 01:24:38 +0000
commit: 19a99e242c50c0ac77d9717518e783d210e5e38a (patch)
tree: cb07eb363bf444b785027920f832c1708f4d509e
parent: 06ed96c90ab5924d922ed6d731f2568a87294522 (diff)
download: ports-19a99e242c50c0ac77d9717518e783d210e5e38a.tar.gz
ports-19a99e242c50c0ac77d9717518e783d210e5e38a.zip
1 files changed, 27 insertions, 0 deletions
diff --git a/security/vuxml/vuln-2022.xml b/security/vuxml/vuln-2022.xml
index 5621c3c61707..0a261cc3b972 100644
--- a/security/vuxml/vuln-2022.xml
+++ b/security/vuxml/vuln-2022.xml
@@ -1,3 +1,30 @@
+  <vuln vid="03bb8373-2026-11ed-9d70-080027240888">
+    <topic>drupal9 -- multiple vulnerabilities</topic>
+    <affects>
+      <package>
+	<name>drupal9</name>
+	<range><lt>9.4.5</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>Drupal reports:</p>
+	<blockquote cite="https://www.drupal.org/project/drupal/releases/9.4.5">
+	  <p>CVE-2022-31175: Cross-site scripting (XSS) caused by the editor
+	     instance destroying process.</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <cvename>CVE-2022-31175</cvename>
+      <url>https://www.drupal.org/project/drupal/releases/9.4.5</url>
+    </references>
+    <dates>
+      <discovery>2022-08-01</discovery>
+      <entry>2022-08-20</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="f12368a8-1e05-11ed-a1ef-3065ec8fd3ec">
     <topic>chromium -- multiple vulnerabilities</topic>
     <affects>
author	Wen Heping <wen@FreeBSD.org>	2022-08-20 01:24:38 +0000
committer	Wen Heping <wen@FreeBSD.org>	2022-08-20 01:24:38 +0000
commit	19a99e242c50c0ac77d9717518e783d210e5e38a (patch)
tree	cb07eb363bf444b785027920f832c1708f4d509e
parent	06ed96c90ab5924d922ed6d731f2568a87294522 (diff)
download	ports-19a99e242c50c0ac77d9717518e783d210e5e38a.tar.gz ports-19a99e242c50c0ac77d9717518e783d210e5e38a.zip