Description

Cross-site scripting (XSS) vulnerability in the Backend User Administration Module in TYPO3 6.0.x before 6.0.12 and 6.1.x before 6.1.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2013-7077

Related Vulnerabilities

Jboss EAP Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') Vulnerability (CVE-2017-7536)

WordPress Plugin AI ChatBot Arbitrary File Deletion (4.9.2)

WordPress Plugin WooCommerce Address Book Cross-Site Request Forgery (1.5.6)

Moodle Improper Authorization Vulnerability (CVE-2019-14828)

WordPress Plugin Faster and Easier scroll to Top for WordPress-Smart Scroll to Top Lite includes Backdoor [Only if downloaded via the vendor website] (1.0.3)

Severity

Medium

Classification

CVE-2013-7077 CWE-707

Tags

Missing Update Known Vulnerabilities