Lucene search
GoogleOSV:GHSA-JR79-65XR-Q7CXHistoryMay 17, 2022 - 12:26 a.m.
TYPO3 Cross-site Scripting vulnerability in the extension manager and backend forms
2022-05-1700:26:03
Google
osv.dev
3
Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 CMS 4.1.x before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4, and 4.4.x before 4.4.1 allow remote authenticated backend users to inject arbitrary web script or HTML via unspecified parameters to the extension manager, or unspecified parameters to unknown backend forms.
References
www.openwall.com/lists/oss-security/2010/09/28/8
www.openwall.com/lists/oss-security/2014/02/12/8
github.com/TYPO3-CMS/backend
nvd.nist.gov/vuln/detail/CVE-2010-3659
security-tracker.debian.org/tracker/CVE-2010-3659
typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-012
web.archive.org/web/20120903133822/www.securityfocus.com/bid/42029
Related
cve
cve
CVE-2010-3659
2017-10-20 18:29:00
cvelist
cvelist
CVE-2010-3659
2017-10-20 18:00:00
nvd
nvd
CVE-2010-3659
2017-10-20 18:29:00
prion
prion
Cross site scripting
2017-10-20 18:29:00
github
github
ubuntucve
ubuntucve
CVE-2010-3659
2017-10-20 00:00:00
openvas
openvas
TYPO3 < 4.1.14, 4.2.x < 4.2.13, 4.3.x < 4.3.4, 4.4.0 Multiple Vulnerabilities (TYPO3-SA-2010-012)
2017-11-08 00:00:00
Debian: Security Advisory (DSA-2098-1)
2010-10-10 00:00:00
Debian: Security Advisory (DSA-2098-1)
2010-10-10 00:00:00