[email protected]CVE-2013-5570

HistoryAug 23, 2013 - 3:55 p.m.

CVE-2013-5570

2013-08-2315:55:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2013-5570

cross-site scripting

xss

typo3

javascript optimizer

css optimizer

security vulnerability

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

60.0%

JSON

Cross-site scripting (XSS) vulnerability in the Javascript and CSS Optimizer extension before 1.1.14 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CPENameOperatorVersion
axel_jung:js_css_optimizeraxel jung js css optimizerle1.0.4
axel_jung:js_css_optimizeraxel jung js css optimizereq0.0.1
axel_jung:js_css_optimizeraxel jung js css optimizereq0.1.0
axel_jung:js_css_optimizeraxel jung js css optimizereq0.2.0
axel_jung:js_css_optimizeraxel jung js css optimizereq0.2.1
axel_jung:js_css_optimizeraxel jung js css optimizereq0.2.2
axel_jung:js_css_optimizeraxel jung js css optimizereq0.2.3
axel_jung:js_css_optimizeraxel jung js css optimizereq1.0.0
axel_jung:js_css_optimizeraxel jung js css optimizereq1.0.1
axel_jung:js_css_optimizeraxel jung js css optimizereq1.0.2

CPE	Name	Operator	Version
axel_jung:js_css_optimizer	axel jung js css optimizer	le	1.0.4
axel_jung:js_css_optimizer	axel jung js css optimizer	eq	0.0.1
axel_jung:js_css_optimizer	axel jung js css optimizer	eq	0.1.0
axel_jung:js_css_optimizer	axel jung js css optimizer	eq	0.2.0
axel_jung:js_css_optimizer	axel jung js css optimizer	eq	0.2.1
axel_jung:js_css_optimizer	axel jung js css optimizer	eq	0.2.2
axel_jung:js_css_optimizer	axel jung js css optimizer	eq	0.2.3
axel_jung:js_css_optimizer	axel jung js css optimizer	eq	1.0.0
axel_jung:js_css_optimizer	axel jung js css optimizer	eq	1.0.1
axel_jung:js_css_optimizer	axel jung js css optimizer	eq	1.0.2

Rows per page:

1-10 of 111

References

secunia.com/advisories/53253

typo3.org/extensions/repository/view/js_css_optimizer

typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-002/

exchange.xforce.ibmcloud.com/vulnerabilities/81583

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

60.0%

JSON

Related for CVE-2013-5570

cvelist1 typo31 prion1