Description

Cross-site scripting (XSS) vulnerability in class.tx_indexedsearch.php in the Indexed Search 2.9.0 extension for Typo3 before 4.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter.

Remediation

References

CVE-2006-5069

Related Vulnerabilities

Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2008-2364)

Oracle Application Server CVE-2006-0290 Vulnerability (CVE-2006-0290)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-32472)

Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.18)

ZenCart Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-4322)

Severity

Low

Classification

CVE-2006-5069

Tags

Missing Update Known Vulnerabilities