Lucene search

GitHub Advisory DatabaseGHSA-XC7Q-Q62F-WCVR

HistoryMay 17, 2022 - 4:58 a.m.

Apache Solr for TYPO3 (solr) extension is vulnerable to Cross-site scripting (XSS)

2022-05-1704:58:35

CWE-79

GitHub Advisory Database

github.com

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

60.4%

JSON

Cross-site scripting (XSS) vulnerability in the Apache Solr for TYPO3 (solr) extension before 2.8.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

Vulners

Node

apache-solr-for-typo3solrRange<2.8.3

CPENameOperatorVersion
apache-solr-for-typo3/solrlt2.8.3

CPE	Name	Operator	Version
	apache-solr-for-typo3/solr	lt	2.8.3

References

secunia.com/advisories/54978

typo3.org/extensions/repository/view/solr

typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-009/

www.securityfocus.com/bid/62674

github.com/advisories/GHSA-xc7q-q62f-wcvr

github.com/TYPO3-Solr/ext-solr/commit/57e3b06b498668e093b9b86f32f7509d12d6ae4e

github.com/TYPO3-Solr/ext-solr/commit/7ed1e9fc03f2036d80a416178493da72c620f7e9

nvd.nist.gov/vuln/detail/CVE-2013-6289

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

60.4%

JSON

Related for GHSA-XC7Q-Q62F-WCVR