Cross site scripting

2008-05-2714:32:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.4%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the Statistics (aka ke_stats) extension 0.1.2 and earlier for TYPO3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CPENameOperatorVersion
statisticseq0.0.1 alpha
statisticseq0.1.0 beta
statisticseq0.1.1 beta
statisticseq0.1.2 beta

Name	Operator	Version
statistics	eq	0.0.1 alpha
statistics	eq	0.1.0 beta
statistics	eq	0.1.1 beta
statistics	eq	0.1.2 beta

References

typo3.org/teams/security/security-bulletins/typo3-20080513-4

exchange.xforce.ibmcloud.com/vulnerabilities/42366