Description
Multiple cross-site scripting (XSS) vulnerabilities in Content Editing Wizards in TYPO3 4.5.x before 4.5.32, 4.7.x before 4.7.17, 6.0.x before 6.0.12, 6.1.x before 6.1.7, and the development versions of 6.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters.
Remediation
References
Related Vulnerabilities
MySQL CVE-2015-4861 Vulnerability (CVE-2015-4861)
MySQL CVE-2015-4913 Vulnerability (CVE-2015-4913)
WordPress Plugin WP Mobile Detector Cross-Site Scripting (3.2)
WordPress Plugin Easy Social Feed-Social Photos Gallery-Post Feed-Like Box Security Bypass (6.3.3)
WordPress Plugin NEX-Forms-Ultimate Form builder SQL Injection (3.0)