CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2 matches found

Veracode•added 2020/11/18 2:39 a.m.•34 views

Cross-site Scripting (XSS)

typo3/fluid is vulnerable to cross-site scripting XSS. An attacker is able to inject and execute malicious script in a user's browser via 1 additionalAttributes arrays 2 ViewHelpers 3 Subclasses of AbstractConditionViewHelper...

8CVSS5.4AI score0.00583EPSS

Exploits1References4Affected Software2

Cvelist•added 2020/11/17 8:45 p.m.•12 views

CVE-2020-26216 Cross-Site Scripting in TYPO3 Fluid

TYPO3 Fluid before versions 2.0.8, 2.1.7, 2.2.4, 2.3.7, 2.4.4, 2.5.11 and 2.6.10 is vulnerable to Cross-Site Scripting. Three XSS vulnerabilities have been detected in Fluid: 1. TagBasedViewHelper allowed XSS through maliciously crafted additionalAttributes arrays by creating keys with...

8CVSS8.1AI score0.00583EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by