typo3 -- Cross-Site Scripting Vulnerability in TYPO3 Core

ID C28EE9CD-916E-4DCF-8ED3-E97E5846DB6C
Type freebsd
Reporter FreeBSD
Modified 2012-07-04T00:00:00


Typo3 Security Report (TYPO3-CORE-SA-2012-003):

TYPO3 bundles an external JavaScript and Flash upload library called swfupload, and TYPO3 can be configured to use this Flash uploader. Input passed via the "movieName" parameter to swfupload.swf is not properly sanitised before being used in a call to "ExternalInterface.call()", which lets an attacker break out of the JavaScript expression the Flash movie hands to the browser. This can be exploited to execute arbitrary script code in a user's browser session in the context of an affected site. Note that the mere presence of the bundled swfupload library on the web server is sufficient to be affected: the vulnerable swfupload.swf can be loaded directly, so an installation is vulnerable even if it has not been configured to use the Flash uploader.
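The following is an added illustration, not code from SWFUpload, TYPO3 or the advisory. It models in JavaScript how a callback name built from an untrusted "movieName" value and passed to ExternalInterface.call() becomes script injection, and what an allow-list check on movieName achieves. The callback shape SWFUpload.instances["<movieName>"].flashReady, the helper externalInterfaceCall() standing in for the Flash runtime, and the payload string are all assumptions made for the example; the real swfupload.as is ActionScript and is not reproduced here.

```javascript
// Added example (assumed model, not SWFUpload/TYPO3 code): an ExternalInterface.call()
// function-name argument is evaluated by the browser as a JavaScript expression. If an
// untrusted flashvar such as movieName is concatenated into that string, the attacker
// controls the expression.

// Minimal stand-in for the host page that the Flash movie calls back into.
function makePage() {
  const page = { alerts: [], SWFUpload: { instances: {} } };
  page.SWFUpload.instances["uploader_1"] = { flashReady: () => "ready" };
  return page;
}

// Models ExternalInterface.call(funcName): evaluate funcName as a JS expression that
// names a function, then invoke it. (The real runtime wraps this in try/catch and
// serialises the result to XML; those details are omitted.)
function externalInterfaceCall(page, funcName) {
  const alertStub = (msg) => { page.alerts.push(msg); }; // returns undefined like alert()
  return new Function("SWFUpload", "alert", "return (" + funcName + ")();")(
    page.SWFUpload, alertStub);
}

// Vulnerable pattern: movieName is spliced straight into the callback expression.
function buildCallbackVulnerable(movieName) {
  return 'SWFUpload.instances["' + movieName + '"].flashReady';
}

// Hardened pattern: only accept the identifier characters a movie name legitimately
// needs, so the value can never close the string literal or the bracket expression.
const SAFE_MOVIE_NAME = /^[A-Za-z0-9_]+$/;
function buildCallbackHardened(movieName) {
  if (typeof movieName !== "string" || !SAFE_MOVIE_NAME.test(movieName)) {
    throw new Error("invalid movieName");
  }
  return 'SWFUpload.instances["' + movieName + '"].flashReady';
}

// Constructed payload: closes the string and bracket, injects alert("xss"), supplies a
// harmless function so the trailing call still succeeds, and comments out the remainder.
const INJECTION_PAYLOAD = 'x"]||alert("xss")||function(){return "pwned"})();//';

// Runs the benign case, the injected case, and the hardened check; returns the outcomes.
function demonstrate() {
  const benign = makePage();
  const benignResult = externalInterfaceCall(benign, buildCallbackVulnerable("uploader_1"));

  const attacked = makePage();
  const attackedResult = externalInterfaceCall(attacked, buildCallbackVulnerable(INJECTION_PAYLOAD));

  let hardenedRejected = false;
  try {
    buildCallbackHardened(INJECTION_PAYLOAD);
  } catch (e) {
    hardenedRejected = true;
  }

  return {
    benignResult,                 // "ready": the legitimate callback ran
    attackedResult,               // "pwned": attacker-supplied function ran instead
    attackerAlerts: attacked.alerts, // ["xss"]: injected script executed in page context
    hardenedRejected,             // true: allow-list check refuses the payload
  };
}

console.log(JSON.stringify(demonstrate()));
```

The check is deliberately an allow-list rather than an attempt to escape quotes: ExternalInterface.call() treats its first argument as code, so the only safe movieName is one that cannot contain syntax at all.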