TYPO3 Cross-Site Scripting (XSS) in form component

2024-06-0319:42:12

GitHub Advisory Database

github.com

typo3

xss

vulnerability

form component

content sanitization

unauthenticated

7.1 High

AI Score

Confidence

High

Failing to sanitize content from unauthenticated website visitors, the form component is susceptible to Cross-Site Scripting.

Affected configurations

Vulners

Node

typo3cms_poll_system_extensionRange<6.2.18

CPENameOperatorVersion
typo3/cmslt6.2.18

CPE	Name	Operator	Version
	typo3/cms	lt	6.2.18

github.com/advisories/GHSA-5j86-5xvg-7q93

github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2016-02-16-4.yaml

typo3.org/security/advisory/typo3-core-sa-2016-004

typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-004

7.1 High

AI Score

Confidence

High