WEB APPLICATION VULNERABILITIES Standard & Premium

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3665)

Description

TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS on the Extension Manager.

Remediation

References

Related Vulnerabilities

Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-42029)

Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2011-3192)

Oracle JRE CVE-2018-2602 Vulnerability (CVE-2018-2602)

WordPress Plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Cross-Site Scripting (1.5.107)

WordPress Plugin Gutenberg Blocks by WordPress Download Manager Cross-Site Scripting (2.1.8)

Severity

Medium

Classification

CVE-2010-3665 CWE-707 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities