Description

Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the system extension recycler.

Remediation

References

CVE-2011-4631

Related Vulnerabilities

Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-9591)

PHP Out-of-bounds Read Vulnerability (CVE-2017-12933)

WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Multiple SQL Injection Vulnerabilities (3.8.2)

WordPress Plugin WordPress Popular Posts Cross-Site Scripting (5.3.5)

MySQL CVE-2013-5908 Vulnerability (CVE-2013-5908)

Severity

Medium

Classification

CVE-2011-4631 CWE-707 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities