Lucene search
K

TYPO3 Bookmark Toolbar XSS Vulnerability (TYPO3-CORE-SA-2016-006)

🗓️ 20 May 2016 00:00:00Reported by Copyright (C) 2016 Greenbone AGType 
openvas
 openvas
🔗 plugins.openvas.org👁 16 Views

TYPO3 XSS Vulnerability (TYPO3-CORE-SA-2016-006) in Bookmark Toolbar. Allows remote attackers to execute arbitrary script code in user's browser session

Related
Refs
Code
ReporterTitlePublishedViews
Family
CNVD
TYPO3 Cross-Site Scripting Vulnerability
24 Apr 201600:00
cnvd
CVE
CVE-2016-4056
23 Jan 201721:00
cve
Cvelist
CVE-2016-4056
23 Jan 201721:00
cvelist
EUVD
EUVD-2022-3759
3 Oct 202520:07
euvd
Github Security Blog
TYPO3 Backend component Cross-site scripting (XSS) vulnerability
17 May 202203:03
github
NVD
CVE-2016-4056
23 Jan 201721:59
nvd
OSV
GHSA-FFCM-VHCW-P32R TYPO3 Backend component Cross-site scripting (XSS) vulnerability
17 May 202203:03
osv
Prion
Cross site scripting
23 Jan 201721:59
prion
UbuntuCve
CVE-2016-4056
23 Jan 201721:59
ubuntucve
# SPDX-FileCopyrightText: 2016 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:typo3:typo3";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.807828");
  script_version("2025-01-21T05:37:33+0000");
  script_cve_id("CVE-2016-4056");
  script_tag(name:"cvss_base", value:"4.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_tag(name:"last_modification", value:"2025-01-21 05:37:33 +0000 (Tue, 21 Jan 2025)");
  script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2017-01-24 21:13:00 +0000 (Tue, 24 Jan 2017)");
  script_tag(name:"creation_date", value:"2016-05-20 18:03:53 +0530 (Fri, 20 May 2016)");
  script_name("TYPO3 Bookmark Toolbar XSS Vulnerability (TYPO3-CORE-SA-2016-006)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2016 Greenbone AG");
  script_family("Web application abuses");
  script_dependencies("gb_typo3_http_detect.nasl");
  script_mandatory_keys("typo3/detected");

  script_xref(name:"URL", value:"https://typo3.org/security/advisory/typo3-core-sa-2016-006");

  script_tag(name:"summary", value:"TYPO3 is prone to a cross-site scripting (XSS) vulnerability.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"The flaw exists due to an error in the bookmark toolbar which
  fails to properly encode incoming data.");

  script_tag(name:"impact", value:"Successful exploitation will allow remote attackers to execute
  arbitrary script code in a user's browser session within the trust relationship between their
  browser and the server.");

  script_tag(name:"affected", value:"TYPO3 versions 6.2.0 through 6.2.18.");

  script_tag(name:"solution", value:"Update to version 6.2.19 or later.");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"remote_banner_unreliable");

  exit(0);
}

include("host_details.inc");
include("version_func.inc");

if (!port = get_app_port(cpe: CPE))
  exit(0);

if (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE, version_regex: "[0-9]+\.[0-9]+\.[0-9]+")) # nb: Version might not be exact enough
  exit(0);

version = infos["version"];
path = infos["location"];

if (version =~ "^6\.2" && version_in_range(version: version, test_version: "6.2.0", test_version2: "6.2.18")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "6.2.19", install_path: path);
  security_message(port: port, data: report);
  exit(0);
}

exit(99);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

21 Jan 2025 00:00Current
6Medium risk
Vulners AI Score6
CVSS 24.3
CVSS 36.1
EPSS0.0108
16