Description

Multiple cross-site scripting (XSS) vulnerabilities in the Install Tool in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2010-5100

Related Vulnerabilities

WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Security Bypass (3.8.1.2)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0123)

MySQL CVE-2012-0578 Vulnerability (CVE-2012-0578)

WordPress Plugin Welcart e-Commerce PHP Object Injection (1.9.9)

PostgreSQL Resource Management Errors Vulnerability (CVE-2012-2655)

Severity

Low

Classification

CVE-2010-5100 CWE-707

Tags

Missing Update Known Vulnerabilities