Cross site scripting

2009-01-2815:30:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.6%

JSON

Cross-site scripting (XSS) vulnerability in the freeCap CAPTCHA (sr_freecap) extension before 1.0.4 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CPENameOperatorVersion
freecap_captcha_extensionle1.0.3
freecap_captcha_extensioneq1.0.0
freecap_captcha_extensioneq1.0.1
freecap_captcha_extensioneq1.0.2

Name	Operator	Version
freecap_captcha_extension	le	1.0.3
freecap_captcha_extension	eq	1.0.0
freecap_captcha_extension	eq	1.0.1
freecap_captcha_extension	eq	1.0.2

References

secunia.com/advisories/31946

typo3.org/extensions/repository/view/sr_freecap/1.0.4/

typo3.org/teams/security/security-bulletins/typo3-20080924-2/

www.securityfocus.com/bid/31370

exchange.xforce.ibmcloud.com/vulnerabilities/45379