TYPO3 cross-site scripting (XSS)

🗓️ 14 May 2022 02:48:01Reported by GitHub Advisory DatabaseType

github

github🔗 github.com👁 27 Views

TYPO3 6.x and 7.x XSS vulnerabilit

Reporter	Title	Published	Views	Family All 17
0day.today	Typo3 CMS 6.2.14 / 4.5.40 Cross Site Scripting Vulnerability	16 Sep 201500:00	–	zdt
GithubExploit	Exploit for Cross-site Scripting in Astaro Security_Gateway_Software	30 Apr 201915:15	–	githubexploit
CNVD	TYPO3 CMS Cross-Site Scripting Vulnerability	15 Sep 201500:00	–	cnvd
Check Point Advisories	Typo3 CMS SanitizeLocalUrl Cross-Site Scripting (CVE-2015-5956)	8 Oct 201500:00	–	checkpoint_advisories
CVE	CVE-2015-5956	16 Sep 201514:00	–	cve
Cvelist	CVE-2015-5956	16 Sep 201514:00	–	cvelist
EUVD	EUVD-2022-3322	3 Oct 202520:07	–	euvd
Friends Of PHP	Backend: Non-Persistent Cross-Site Scripting	8 Sep 201510:59	–	friendsofphp
NVD	CVE-2015-5956	16 Sep 201514:59	–	nvd
OpenVAS	TYPO3 'sanitizeLocalUrl' function XSS Vulnerability (SA-2015-009)	8 Oct 201500:00	–	openvas

Vulners

Node

typo3 cms_poll_system_extensionRange4.0–4.5.40composer

OR

typo3 cms_poll_system_extensionRange7.0–7.4.0composer

OR

typo3 cms_poll_system_extensionRange6.0–6.2.15composer

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2015-5956
typo3	www.typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009/
packetstormsecurity	www.packetstormsecurity.com/files/133551/Typo3-CMS-6.2.14-4.5.40-Cross-Site-Scripting.html
seclists	www.seclists.org/fulldisclosure/2015/Sep/57
securityfocus	www.securityfocus.com/archive/1/536464/100/0/threaded
securitytracker	www.securitytracker.com/id/1033551
github	www.github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2015-5956.yaml
github	www.github.com/advisories/GHSA-989h-wv8x-933p

25 Apr 2024 21:35Current

5Medium risk

Vulners AI Score5

CVSS 23.5

EPSS0.00169

typo3 cross-site scripting xss sanitizelocalurl 6.x 7.x 4.5.40