Description
Cross-site scripting (XSS) vulnerability in the Install Tool subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
Remediation
References
Related Vulnerabilities
Drupal Improper Authentication Vulnerability (CVE-2010-3686)
PHP Other Vulnerability (CVE-2021-21707)
WordPress Plugin Analytics-Gtag Restricted File Upload (1.8.1)
XWiki Missing Authorization Vulnerability (CVE-2023-41046)
WordPress Plugin AB Google Map Travel (AB-MAP) Multiple Vulnerabilities (3.4)