4 matches found
TYPO3 femanager 6.3.0 Cross Site Scripting Vulnerability
======================================================================= title: Stored Cross-Site Scripting vulnerability product: TYPO3 extension "femanager" vulnerable version: 6.0.0 - 6.3.0 and 5.5.0 and below fixed version: 6.3.1 and 5.5.1 CVE number: CVE-2021-36787 impact: Medium homepage:...
CVE-2021-36787
creationtimestamp| type| source ---|---|--- 2021-08-13 20:41:12+00:00| seen| https://t.me/cibsecurity/27317...
CVE-2021-36787
The femanager extension before 5.5.1 and 6.x before 6.3.1 for TYPO3 allows XSS via a crafted SVG document...
CVE-2021-36787
The CVE-2021-36787 issue affects the TYPO3 femanager extension prior to 5.5.1 and 6.x prior to 6.3.1, where a crafted SVG document can trigger Cross-Site Scripting (XSS). The vulnerability arises from how SVG content is handled during user-related operations, allowing injected script when the SVG...