Description

Cross-site scripting (XSS) vulnerability in class.tx_indexedsearch.php in the Indexed Search 2.9.0 extension for Typo3 before 4.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter.

Remediation

References

CVE-2006-5069

Related Vulnerabilities

Sqlite NULL Pointer Dereference Vulnerability (CVE-2017-15286)

WordPress Plugin NextGEN Gallery-WordPress Gallery Multiple Vulnerabilities (2.0.77)

PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-3412)

WordPress Plugin Appointment Scheduling for Zoom GoogleMeet and more-Wappointment Cross-Site Scripting (2.2.4)

WordPress Plugin SEO Redirection-301 Redirect Manager SQL Injection (8.1)

Severity

Low

Classification

CVE-2006-5069

Tags

Missing Update Known Vulnerabilities