Lucene search
GitHub Advisory DatabaseGHSA-8J9V-4HHH-X43CHistoryJun 04, 2024 - 2:48 p.m.
Cross-Site Scripting (XSS) in TYPO3 component CSS styled content
2024-06-0414:48:42
CWE-79
GitHub Advisory Database
github.com
4
cross-site scripting
typo3
css styled content
user input
html
javascript
security vulnerability
authenticated editors
AI Score
6.8
Confidence
High
Failing to properly encode user input, the CSS styled content component is susceptible to Cross-Site Scripting, allowing authenticated editors to inject arbitrary HTML or JavaScript.
Affected configurations
Node
typo3typo3_cmsRange7.6.0–7.6.4
ORtypo3typo3_cmsRange6.2.0–6.2.19
AI Score
6.8
Confidence
High