Description

Cross-site scripting (XSS) vulnerability in the frontend plugin for the felogin system extension in TYPO3 4.2.0, 4.2.1 and 4.2.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Remediation

References

CVE-2008-5656

Related Vulnerabilities

WordPress Plugin Members Import Cross-Site Request Forgery (1.3)

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0790)

PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-2202)

WordPress Plugin hashtagger Unspecified Vulnerability (6)

phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-5097)

Severity

Medium

Classification

CVE-2008-5656 CWE-707

Tags

Missing Update Known Vulnerabilities