Lucene search
PRIOn knowledge basePRION:CVE-2020-11070HistoryMay 13, 2020 - 7:15 p.m.
Cross site scripting
2020-05-1319:15:00
PRIOn knowledge base
www.prio-n.com
3
0.001 Low
EPSS
Percentile
21.2%
The SVG Sanitizer extension for TYPO3 has a cross-site scripting vulnerability in versions before 1.0.3. Slightly invalid or incomplete SVG markup is not correctly processed and thus not sanitized at all. Albeit the markup is not valid it still is evaluated in browsers and leads to cross-site scripting. This is fixed in version 1.0.3.
| CPE | Name | Operator | Version |
|---|---|---|---|
| svg_sanitizer | lt | 1.0.3 |
Related
typo3
typo3
Cross-Site Scripting in "SVG Sanitizer" (svg_sanitizer)
2020-05-12 00:00:00
osv
osv
CVE-2020-11070
2020-05-13 19:15:11
Cross-Site Scripting in SVG Sanitizer
2020-05-13 22:17:34
cve
cve
CVE-2020-11070
2020-05-13 19:15:11
cvelist
cvelist
CVE-2020-11070 Cross-Site Scripting in SVG Sanitizer
2020-05-13 18:40:11
github
github
Cross-Site Scripting in SVG Sanitizer
2020-05-13 22:17:34
veracode
veracode
Cross-Site Scripting (XSS)
2020-05-14 03:58:42
nvd
nvd
CVE-2020-11070
2020-05-13 19:15:11