WEB APPLICATION VULNERABILITIES Standard & Premium

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3672)

Description

TYPO3 before 4.3.4 and 4.4.x before 4.4.1 allows XSS in the textarea view helper in an extbase extension.

Remediation

References

Related Vulnerabilities

phpMyFAQ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2005-3046)

LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-5256)

WordPress Other Vulnerability (CVE-2006-6808)

WordPress 3.7.x Denial of Service Vulnerability (3.7 - 3.7.25)

Squid CVE-2019-12523 Vulnerability (CVE-2019-12523)

Severity

Medium

Classification

CVE-2010-3672 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities