Lucene search
GoogleOSV:CVE-2020-11064HistoryMay 13, 2020 - 11:15 p.m.
CVE-2020-11064
2020-05-1323:15:11
Google
osv.dev
7
EPSS
0.001
Percentile
21.2%
In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.17 and greater than or equal to 10.0.0 and less than 10.4.2, it has been discovered that HTML placeholder attributes containing data of other database records are vulnerable to cross-site scripting. A valid backend user account is needed to exploit this vulnerability. This has been fixed in 9.5.17 and 10.4.2.
Related
osv
osv
BIT-typo3-2020-11064
2024-03-06 11:12:06
Cross-Site Scripting in TYPO3 CMS Form Engine
2020-05-13 23:17:48
friendsofphp
friendsofphp
TYPO3-CORE-SA-2020-002: Cross-Site Scripting in Form Engine
2020-05-12 09:21:07
TYPO3-CORE-SA-2020-002: Cross-Site Scripting in Form Engine
2020-05-12 09:21:07
cvelist
cvelist
CVE-2020-11064 Cross-Site Scripting in TYPO3 CMS
2020-05-13 22:50:11
nvd
nvd
CVE-2020-11064
2020-05-13 23:15:11
prion
prion
Cross site scripting
2020-05-13 23:15:00
typo3
typo3
Cross-Site Scripting in Form Engine
2020-05-12 00:00:00
github
github
Cross-Site Scripting in TYPO3 CMS Form Engine
2020-05-13 23:17:48
cve
cve
CVE-2020-11064
2020-05-13 23:15:11
veracode
veracode
Cross-site Scripting (XSS)
2020-05-14 07:29:12
openvas
openvas
nessus
nessus
TYPO3 9.x < 9.5.17 / 10.x < 10.4.2 Multiple Vulnerabilities
2020-07-13 00:00:00
freebsd
freebsd
typo3 -- multiple vulnerabilities
2020-05-12 00:00:00