Description

Cross-site scripting (XSS) vulnerability in class.tx_indexedsearch.php in the Indexed Search 2.9.0 extension for Typo3 before 4.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter.

Remediation

References

CVE-2006-5069

Related Vulnerabilities

Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-5594)

WordPress Plugin Responsive Menu-Create Mobile-Friendly Menu Multiple Vulnerabilities (3.1.3)

MediaWiki Improper Access Control Vulnerability (CVE-2015-8008)

WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Cross-Site Request Forgery (4.0.9)

WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.30)

Severity

Low

Classification

CVE-2006-5069

Tags

Missing Update Known Vulnerabilities