Description

Cross-site scripting (XSS) vulnerability in the Exception Handler in TYPO3 4.4.x before 4.4.15, 4.5.x before 4.5.15, 4.6.x before 4.6.8, and 4.7 allows remote attackers to inject arbitrary web script or HTML via exception messages.

Remediation

References

CVE-2012-2112

Related Vulnerabilities

Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2019-10097)

WordPress Plugin Product Filter for WooCommerce Security Bypass (8.1.1)

WordPress Plugin Yasr-Yet Another Stars Rating Unspecified Vulnerability (1.3.2)

WordPress Plugin WordPress Download Manager Cross-Site Request Forgery (2.8.99)

WordPress Plugin Post Lists View Custom Cross-Site Scripting (1.7.1)

Severity

Medium

Classification

CVE-2012-2112 CWE-707

Tags

Missing Update Known Vulnerabilities