Lucene search

[email protected]NVD:CVE-2009-3633

HistoryNov 02, 2009 - 3:30 p.m.

CVE-2009-3633

2009-11-0215:30:00

CWE-352

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.7%

JSON

Cross-site scripting (XSS) vulnerability in the t3lib_div::quoteJSvalue API function in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the sanitizing algorithm.

Affected configurations

NVD

Node

typo3typo3Range≤4.0.12

typo3typo3Match0.1.2

typo3typo3Match1.0.14

typo3typo3Match1.1

typo3typo3Match1.1.1

typo3typo3Match1.1.09

typo3typo3Match1.1.10

typo3typo3Match1.2.0

typo3typo3Match1.3.0

typo3typo3Match1.3.2

typo3typo3Match3.0

typo3typo3Match3.3.x

typo3typo3Match3.5

typo3typo3Match3.5.x

typo3typo3Match3.6.x

typo3typo3Match3.7.0

typo3typo3Match3.7.1

typo3typo3Match3.7.x

typo3typo3Match3.8

typo3typo3Match3.8.x

typo3typo3Match4.0

typo3typo3Match4.0.1

typo3typo3Match4.0.2

typo3typo3Match4.0.3

typo3typo3Match4.0.4

typo3typo3Match4.0.5

typo3typo3Match4.0.6

typo3typo3Match4.0.7

typo3typo3Match4.0.8

typo3typo3Match4.0.9

typo3typo3Match4.0.10

typo3typo3Match4.0.11

typo3typo3Match4.1.0

typo3typo3Match4.1.0beta1

typo3typo3Match4.1.0rc1

typo3typo3Match4.1.1

typo3typo3Match4.1.2

typo3typo3Match4.1.3

typo3typo3Match4.1.4

typo3typo3Match4.1.5

typo3typo3Match4.1.6

typo3typo3Match4.1.7

typo3typo3Match4.1.8

typo3typo3Match4.1.9

typo3typo3Match4.1.10

typo3typo3Match4.1.11

typo3typo3Match4.1.12

typo3typo3Match4.2.0

typo3typo3Match4.2.1

typo3typo3Match4.2.2

typo3typo3Match4.2.3

typo3typo3Match4.2.4

typo3typo3Match4.2.5

typo3typo3Match4.2.6

typo3typo3Match4.2.7

typo3typo3Match4.2.8

typo3typo3Match4.2.9

typo3typo3Match4.3

typo3typo3Match4.3alpha1

References

marc.info/?l=oss-security&m=125632856206736&w=2

marc.info/?l=oss-security&m=125633199111438&w=2

secunia.com/advisories/37122

typo3.org/teams/security/security-bulletins/typo3-sa-2009-016/

www.securityfocus.com/bid/36801

www.vupen.com/english/advisories/2009/3009

exchange.xforce.ibmcloud.com/vulnerabilities/53925

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.7%

JSON

Related for NVD:CVE-2009-3633

cve1 prion1 cvelist1 ubuntucve1 osv2 github1 openvas5 nessus2 debian1 securityvulns2 freebsd1