Description

Multiple cross-site scripting (XSS) vulnerabilities in unspecified frontend components in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allow remote authenticated editors to inject arbitrary web script or HTML via unknown vectors.

Remediation

References

CVE-2015-8758

Related Vulnerabilities

PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-10159)

Drupal Core 8.x.x Remote Code Execution (8.0.0 - 8.3.8)

WordPress Plugin Header Footer Code Manager Cross-Site Scripting (1.1.16)

Oracle Database Server CVE-2010-0851 Vulnerability (CVE-2010-0851)

WordPress Plugin Rating-Widget:Star Review System Cross-Site Scripting (2.8.8)

Severity

Medium

Classification

CVE-2015-8758 CWE-707 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities