Lucene search

PRIOn knowledge basePRION:CVE-2019-25094

HistoryJan 04, 2023 - 10:15 a.m.

Cross site scripting

2023-01-0410:15:00

PRIOn knowledge base

www.prio-n.com

vulnerability

innologi appointments extension

2.0.5

remote attack

cross site scripting

upgrade

version 2.0.6

patch 986d3cb34e5e086c6f04e061f600ffc5837abe7f

component

identifier vdb-217353

nvd

0.001 Low

EPSS

Percentile

38.0%

JSON

A vulnerability, which was classified as problematic, was found in innologi appointments Extension up to 2.0.5 on TYPO3. This affects an unknown part of the component Appointment Handler. The manipulation of the argument formfield leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 2.0.6 is able to address this issue. The identifier of the patch is 986d3cb34e5e086c6f04e061f600ffc5837abe7f. It is recommended to upgrade the affected component. The identifier VDB-217353 was assigned to this vulnerability.

CPENameOperatorVersion
appointment_schedulerlt2.0.6

CPE	Name	Operator	Version
	appointment_scheduler	lt	2.0.6

References

github.com/innologi/typo3-appointments/commit/986d3cb34e5e086c6f04e061f600ffc5837abe7f

github.com/innologi/typo3-appointments/releases/tag/2.0.6

vuldb.com/?ctiid.217353

vuldb.com/?id.217353

0.001 Low

EPSS

Percentile

38.0%

JSON

Related for PRION:CVE-2019-25094