Description

Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the admin panel.

Remediation

References

CVE-2011-4629

Related Vulnerabilities

Oracle Database Server CVE-2011-2231 Vulnerability (CVE-2011-2231)

WordPress Ultimate Member Plugin Improper Privilege Management Vulnerability (CVE-2020-36156)

phpMyAdmin Improper Input Validation Vulnerability (CVE-2017-1000018)

WebLogic Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-11987)

Drupal Incorrect Authorization Vulnerability (CVE-2025-31673)

Severity

Medium

Classification

CVE-2011-4629 CWE-707 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities