Cross site scripting

2012-02-1417:55:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.8%

JSON

Cross-site scripting (XSS) vulnerability in the Post data records to facebook (bc_post2facebook) extension before 0.2.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CPENameOperatorVersion
bc_post2facebookle0.2.1
bc_post2facebookeq0.2.0

CPE	Name	Operator	Version
	bc_post2facebook	le	0.2.1
	bc_post2facebook	eq	0.2.0

References

osvdb.org/78789

typo3.org/extensions/repository/view/bc_post2facebook/0.2.2/

typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-001/