Description

Cross-site scripting (XSS) vulnerability in the Backend User Administration Module in TYPO3 6.0.x before 6.0.12 and 6.1.x before 6.1.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2013-7077

Related Vulnerabilities

Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-25763)

WordPress Plugin OG Tags Cross-Site Request Forgery (2.0.1)

DataTables Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-36713)

Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2019-8159)

Contao Improper Encoding or Escaping of Output Vulnerability (CVE-2019-19714)

Severity

Medium

Classification

CVE-2013-7077 CWE-707

Tags

Missing Update Known Vulnerabilities