Lucene search

CVE-2021-21358

🗓️ 23 Mar 2021 02:12:15Reported by [email protected]Type

TYPO3 Form Designer module XSS vulnerability patched in versions 10.4.14, 11.1.

Reporter	Title	Published	Views	Family All 13
Veracode	Cross-site Scripting (XSS)	24 Mar 202103:32	–	veracode
Friends Of PHP	TYPO3-CORE-SA-2021-004: Cross-Site Scripting in Form Framework	16 Mar 202108:59	–	friendsofphp
Friends Of PHP	TYPO3-CORE-SA-2021-004: Cross-Site Scripting in Form Framework	16 Mar 202108:59	–	friendsofphp
OSV	BIT-typo3-2021-21358	6 Mar 202411:11	–	osv
OSV	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in typo3/cms-form	23 Mar 202101:54	–	osv
OSV	CVE-2021-21358	23 Mar 202102:15	–	osv
Typo3	Cross-Site Scripting in Form Framework	16 Mar 202100:00	–	typo3
Prion	Cross site scripting	23 Mar 202102:15	–	prion
CNVD	TYPO3 cross-site scripting vulnerability (CNVD-2021-26144)	22 Mar 202100:00	–	cnvd
CVE	CVE-2021-21358	23 Mar 202102:15	–	cve

Nvd

Node

typo3 typo3Range10.2.0–10.4.14

typo3 typo3Range11.0.0–11.1.1

Source	Link
typo3	www.typo3.org/security/advisory/typo3-core-sa-2021-004
packagist	www.packagist.org/packages/typo3/cms-form
github	www.github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x79j-wgqv-g8h2

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

23 Mar 2021 02:15Current

CVSS23.5

CVSS35.4

EPSS0.00061

CWE-79