Description
Cross-site scripting (XSS) vulnerability in the typoLink function in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allows remote authenticated editors to inject arbitrary web script or HTML via a link field.
Remediation
References
Related Vulnerabilities
Moodle Configuration Vulnerability (CVE-2012-0797)
Oracle Database Server CVE-2011-2242 Vulnerability (CVE-2011-2242)
Oracle JRE CVE-2018-2579 Vulnerability (CVE-2018-2579)
Coppermine Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3481)
Grafana Uncontrolled Resource Consumption Vulnerability (CVE-2026-33375)