Description
Cross-site scripting (XSS) vulnerability in the click enlarge functionality in TYPO3 4.3.x before 4.3.9 and 4.4.x before 4.4.5 when the caching framework is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin YouTube Gallery-Best YouTube Video Gallery Cross-Site Scripting (3.2.1)
OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2018-0737)
WordPress Plugin Tierra's Billboard Manager SQL Injection (1.14)
WordPress Direct Request ('Forced Browsing') Vulnerability (CVE-2005-1688)