Description

TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Header Injection in the secure download feature jumpurl.

Remediation

References

CVE-2010-3668

Related Vulnerabilities

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-6299)

WordPress Plugin WebLibrarian Multiple Unspecified Vulnerabilities (2.6.3.1)

WordPress Plugin ThemeGrill Demo Importer Security Bypass (1.6.1)

WordPress Plugin Active Directory Integration SQL Injection (1.1.8)

Ruby on Rails Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2020-8163)

Severity

High

Classification

CVE-2010-3668 CWE-138 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities