Description

Multiple cross-site scripting (XSS) vulnerabilities in the Install Tool in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2010-5100

Related Vulnerabilities

Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-1000481)

WordPress Plugin Smart Marketing SMS and Newsletters Forms Security Bypass (2.6.1)

WordPress Plugin Slider Revolution Responsive Local File Inclusion (4.1.4)

WordPress Plugin Shortlinks by Pretty Links-Best WordPress Link Tracking Multiple SQL Injection Vulnerabilities (1.4.56)

Oracle Database Server CVE-2012-3151 Vulnerability (CVE-2012-3151)

Severity

Low

Classification

CVE-2010-5100 CWE-707

Tags

Missing Update Known Vulnerabilities