Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-55178814AF7B26ADDD4BB0137BAB5735Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
60.4%
Cross-site scripting (XSS) vulnerability in the Apache Solr for TYPO3 (solr) extension before 2.8.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| packagist/apache-solr-for-typo3/solr | lt | 2.8.3 |
References
secunia.com/advisories/54978
typo3.org/extensions/repository/view/solr
typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-009/
www.securityfocus.com/bid/62674
github.com/advisories/GHSA-xc7q-q62f-wcvr
github.com/TYPO3-Solr/ext-solr/commit/57e3b06b498668e093b9b86f32f7509d12d6ae4e
github.com/TYPO3-Solr/ext-solr/commit/7ed1e9fc03f2036d80a416178493da72c620f7e9
nvd.nist.gov/vuln/detail/CVE-2013-6289
Related
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
60.4%