EUVD-2015-8633

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

TYPO3 6.2.x allows remote attacks to embed external Flash videos via Cross-Site Flashing vulnerability

Reporter	Title	Published	Views	Family All 12
CNVD	TYPO3 Flvplayer Component Flash Embedding Vulnerability	15 Jan 201600:00	–	cnvd
CVE	CVE-2015-8760	8 Jan 201619:00	–	cve
Cvelist	CVE-2015-8760	8 Jan 201619:00	–	cvelist
Github Security Blog	TYPO3 allows remote attackers to embed Flash videos from external domain	17 May 202203:59	–	github
NVD	CVE-2015-8760	8 Jan 201619:59	–	nvd
OpenVAS	TYPO3 Multiple Vulnerabilities-01 (Jan 2016)	19 Jan 201600:00	–	openvas
OSV	GHSA-3F58-74QW-PH75 TYPO3 allows remote attackers to embed Flash videos from external domain	17 May 202203:59	–	osv
Prion	Cross site scripting	8 Jan 201619:59	–	prion
RedhatCVE	CVE-2015-8760	22 May 202509:24	–	redhatcve
Snyk	Open Redirect	17 May 202203:59	–	snyk

[
  {
    "enisaIdVendor": [
      {
        "id": "6bb4760e-efb7-3043-be41-fe7807422b5b",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "15a44fb3-464c-3dc6-a946-fb5600a86143",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
securitytracker	www.securitytracker.com/id/1034485
securityfocus	www.securityfocus.com/bid/79210
typo3	www.typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-014/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2015-8760
github	www.github.com/TYPO3/typo3/commit/29ae05c04cb48d4031d323f17d8f2b68b27af353
typo3	www.typo3.org/security/advisory/typo3-core-sa-2015-014
web	www.web.archive.org/web/20160621232021/http://www.securityfocus.com/bid/79210
web	www.web.archive.org/web/20161012163613/http://www.securitytracker.com/id/1034485
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.1Medium risk

Vulners AI Score6.1

CVSS 36.1

CVSS 24.3

EPSS0.00274