{"edition": 1, "title": "CVE-2016-4056", "bulletinFamily": "NVD", "published": "2017-01-23T16:59:01", "lastseen": "2017-04-18T15:59:29", "history": [], "modified": "2017-01-24T16:13:58", "reporter": "NVD", "hash": "3aa3204313516f20a8a02027339636db0ba288a72eea1be63b6271ede0cf313a", "viewCount": 0, "scanner": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4056", "cpe": ["cpe:/a:typo3:typo3:6.2.4", "cpe:/a:typo3:typo3:6.2.13", "cpe:/a:typo3:typo3:6.2.5", "cpe:/a:typo3:typo3:6.2.0:beta7", "cpe:/a:typo3:typo3:6.2.0:alpha3", "cpe:/a:typo3:typo3:6.2.3", "cpe:/a:typo3:typo3:6.2.7", "cpe:/a:typo3:typo3:6.2.10:rc1", "cpe:/a:typo3:typo3:6.2.15", "cpe:/a:typo3:typo3:6.2.0:beta2", "cpe:/a:typo3:typo3:6.2.18", "cpe:/a:typo3:typo3:6.2.6", "cpe:/a:typo3:typo3:6.2.11", "cpe:/a:typo3:typo3:6.2.9", "cpe:/a:typo3:typo3:6.2.0:alpha2", "cpe:/a:typo3:typo3:6.2.0:rc1", "cpe:/a:typo3:typo3:6.2.0:alpha1", "cpe:/a:typo3:typo3:6.2.14", "cpe:/a:typo3:typo3:6.2.10", "cpe:/a:typo3:typo3:6.2.0:beta1", "cpe:/a:typo3:typo3:6.2.0:beta5", "cpe:/a:typo3:typo3:6.2.0:beta3", "cpe:/a:typo3:typo3:6.2.0:beta4", "cpe:/a:typo3:typo3:6.2.0:rc2", "cpe:/a:typo3:typo3:6.2.16", "cpe:/a:typo3:typo3:6.2.17", "cpe:/a:typo3:typo3:6.2.12", "cpe:/a:typo3:typo3:6.2.0:beta6", "cpe:/a:typo3:typo3:6.2.1", "cpe:/a:typo3:typo3:6.2.8", "cpe:/a:typo3:typo3:6.2", "cpe:/a:typo3:typo3:6.2.2"], "description": "Cross-site scripting (XSS) vulnerability in the Backend component in TYPO3 6.2.x before 6.2.19 allows remote attackers to inject arbitrary web script or HTML via the module parameter when creating a bookmark.", "type": "cve", "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "db366bb02c86b54481c93954007cfe41"}, {"key": "cvelist", "hash": "362e0c3c3745ac4f0d5b72ea0ee1f593"}, {"key": "cvss", "hash": "6e9bdd2021503689a2ad9254c9cdf2b3"}, {"key": "description", "hash": "472f66cd94a2460fa1c35364a5517ee8"}, {"key": "href", "hash": "ce731474c266a1bdf32f4cd13d2e5692"}, {"key": "modified", "hash": "a3697a5bf99522b7cff5eafeeda9f3e1"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "b598d83d59f9566010d1c9e55d2b0927"}, {"key": "references", "hash": "67cdca73c7ec37d8b26365773941f4d2"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "e09bff99f08a5acbf36a7df1cf03f511"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "references": ["http://www.openwall.com/lists/oss-security/2016/04/21/1", "https://labs.integrity.pt/advisories/cve-pending-stored-cross-site-scripting-in-typo3-bookmarks/", "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-006/"], "objectVersion": "1.2", "enchantments": {"score": {"vector": "NONE", "value": 4.3}, "vulnersScore": 4.3}, "cvss": {"vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/", "score": 4.3}, "cvelist": ["CVE-2016-4056"], "id": "CVE-2016-4056", "assessment": {"system": "", "name": "", "href": ""}}

{"openvas": [{"lastseen": "2018-09-01T23:46:25", "references": ["https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-006"], "pluginID": "1361412562310807828", "description": "This host is installed with TYPO3 and\n is prone to cross site scripting vulnerability.", "edition": 3, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-05-20T00:00:00", "title": "TYPO3 Bookmark Toolbar Cross-Site Scripting Vulnerability May16 (SA-2016-006)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 4.3}}, "naslFamily": "Web application abuses", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4056"], "modified": "2017-03-28T00:00:00", "id": "OPENVAS:1361412562310807828", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807828", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_typo3_bookmark_toolbar_xss_vuln_may16.nasl 5745 2017-03-28 09:01:00Z teissa $\n#\n# TYPO3 Bookmark Toolbar Cross-Site Scripting Vulnerability May16 (SA-2016-006)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:typo3:typo3\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807828\");\n script_version(\"$Revision: 5745 $\");\n script_cve_id(\"CVE-2016-4056\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-03-28 11:01:00 +0200 (Tue, 28 Mar 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-05-20 18:03:53 +0530 (Fri, 20 May 2016)\");\n script_name(\"TYPO3 Bookmark Toolbar Cross-Site Scripting Vulnerability May16 (SA-2016-006)\");\n\n script_tag(name: \"summary\" , value: \"This host is installed with TYPO3 and\n is prone to cross site scripting vulnerability.\");\n\n script_tag(name: \"vuldetect\" , value: \"Get the installed version with the help\n of detect NVT and check the version is vulnerable or not.\");\n\n script_tag(name: \"insight\" , value: \"The flaw exists due to an error in\n the bookmark toolbar which fails to properly encode incoming data.\");\n\n script_tag(name: \"impact\" , value: \"Successful exploitation will allow\n remote attackers to execute arbitrary script code in a user's browser session\n within the trust relationship between their browser and the server.\n\n Impact Level: Application.\");\n\n script_tag(name: \"affected\" , value:\"TYPO3 versions 6.2.0 through 6.2.18\");\n\n script_tag(name: \"solution\" , value:\"Upgrade to TYPO3 version 6.2.19 or later.\n For updates refer to https://typo3.org/typo3-cms\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_xref(name: \"URL\" , value : \"https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-006\");\n\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_dependencies(\"gb_typo3_detect.nasl\");\n script_mandatory_keys(\"TYPO3/installed\");\n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\n## Variable initialisation\ntypoPort = \"\";\ntypoVer = \"\";\n\n## Get Application HTTP Port\nif(!typoPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\n##Get Typo3 version\nif(!typoVer = get_app_version(cpe:CPE, port:typoPort)){\n exit(0);\n}\n\nif(typoVer !~ \"[0-9]+\\.[0-9]+\\.[0-9]+\") exit(0); # Version is not exact enough\n\n## Check for version 6.2.0 to 6.2.18\nif(typoVer =~ \"6\\.2\")\n{\n if(version_in_range(version:typoVer, test_version:\"6.2.0\", test_version2:\"6.2.18\"))\n {\n report = report_fixed_ver(installed_version:typoVer, fixed_version:\"6.2.19\");\n security_message(port:typoPort, data:report);\n exit(0);\n }\n}\n\nexit(99);", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}]}