Description TYPO3 8.3.0 through 8.7.26 and 9.0.0 through 9.5.7 allows XSS. Remediation References CVE-2019-12748 Related Vulnerabilities ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-1963) WordPress Plugin File Manager Pro Arbitrary File Upload (8.3.4) WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner 'mosmsg' and 'option' Parameters Cross-Site Scripting Vulnerabilities (3.0) Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5232) WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.15) Severity Medium Classification CVE-2019-12748 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities