Lucene search
MitreCVELIST:CVE-2015-5956HistorySep 16, 2015 - 2:00 p.m.
CVE-2015-5956
2015-09-1614:00:00
mitre
raw.githubusercontent.com
1
The sanitizeLocalUrl function in TYPO3 6.x before 6.2.15, 7.x before 7.4.0, 4.5.40, and earlier allows remote authenticated users to bypass the XSS filter and conduct cross-site scripting (XSS) attacks via a base64 encoded data URI, as demonstrated by the (1) returnUrl parameter to show_rechis.php and the (2) redirect_url parameter to index.php.
Related
friendsofphp
friendsofphp
Backend: Non-Persistent Cross-Site Scripting
2015-09-08 10:59:00
checkpoint_advisories
checkpoint_advisories
Typo3 CMS SanitizeLocalUrl Cross-Site Scripting (CVE-2015-5956)
2015-10-08 00:00:00
prion
prion
Cross site scripting
2015-09-16 14:59:00
osv
osv
TYPO3 cross-site scripting (XSS)
2022-05-14 02:48:01
typo3
typo3
Non-Persistent Cross-Site Scripting
2015-09-08 00:00:00
securityvulns
securityvulns
ubuntucve
ubuntucve
CVE-2015-5956
2015-09-16 00:00:00
packetstorm
packetstorm
Typo3 CMS 6.2.14 / 4.5.40 Cross Site Scripting
2015-09-14 00:00:00
openvas
openvas
cve
cve
CVE-2015-5956
2015-09-16 14:59:00
github
github
TYPO3 cross-site scripting (XSS)
2022-05-14 02:48:01