Description
Cross-site scripting (XSS) vulnerability in the Extension Manager in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to extension data during an extension installation.
Remediation
References
Related Vulnerabilities
WordPress Plugin Malware Scanner Unspecified Vulnerability (4.7.3)
Grafana Missing Authorization Vulnerability (CVE-2023-2183)
WordPress Plugin Integration for Contact Form 7 and ActiveCampaign Cross-Site Scripting (1.0.3)
PrestaShop Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3796)