Lucene search
HistorySep 04, 2012 - 8:55 p.m.
CVE-2012-1608
typo3
t3lib_div
removexss
xss protection
web script injection
cve-2012-1608
nvd
5.4 Medium
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
57.9%
The t3lib_div::RemoveXSS API method in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allows remote attackers to bypass the cross-site scripting (XSS) protection mechanism and inject arbitrary web script or HTML via non printable characters.
Related
prion
prion
Cross site scripting
2012-09-04 20:55:00
osv
osv
Typo3 API XSS Vulnerabilities
2022-05-17 05:23:54
typo3-src - several
2012-03-31 00:00:00
ubuntucve
ubuntucve
CVE-2012-1608
2012-09-04 00:00:00
github
github
Typo3 API XSS Vulnerabilities
2022-05-17 05:23:54
openvas
openvas
Debian Security Advisory DSA 2445-1 (typo3-src)
2012-04-30 00:00:00
TYPO3 Multiple Vulnerabilities (Mar 2012)
2014-01-02 00:00:00
Debian: Security Advisory (DSA-2445-1)
2012-04-30 00:00:00
nessus
nessus
Debian DSA-2445-1 : typo3-src - several vulnerabilities
2012-04-02 00:00:00
debian
debian
[SECURITY] [DSA 2445-1] typo3-src security update
2012-03-31 11:12:27
securityvulns
securityvulns
[SECURITY] [DSA 2445-1] typo3-src security update
2012-04-09 00:00:00
typo3
typo3
Several Vulnerabilities in TYPO3 Core
2012-03-28 00:00:00
5.4 Medium
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
57.9%
Related for CVE-2012-1608