Description
Cross-site scripting (XSS) vulnerability in class.tx_indexedsearch.php in the Indexed Search 2.9.0 extension for Typo3 before 4.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Autoship Cloud PHP Object Injection (1.0.13)
WordPress Other Vulnerability (CVE-2004-1584)
WordPress Plugin Fancy Product Designer-WooCommerce SQL Injection (4.7.4)
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Directory Traversal (1.3.42)
WordPress Plugin YITH WooCommerce Recover Abandoned Cart Security Bypass (1.3.2)