Description

Multiple cross-site scripting (XSS) vulnerabilities in the Backend component in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allow remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2012-1606

Related Vulnerabilities

MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-29903)

WordPress Plugin Backlink Rechecker Multiple Cross-Site Scripting Vulnerabilities (1.2.1)

PHP Other Vulnerability (CVE-2003-0863)

Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-8156)

OpenSSL Improper Input Validation Vulnerability (CVE-2013-4353)

Severity

Low

Classification

CVE-2012-1606 CWE-707

Tags

Missing Update Known Vulnerabilities