7 matches found
Cross-site Scripting (XSS)
ameos/ameostarteaucitron is vulnerable to cross-site scriptingXSS attacks. The library does not properly encode the user input in displayParticipantsFormAction function, allowing an attacker to inject and execute malicious javascript on the target system...
Cross site scripting in ameos_tarteaucitron
The ameostarteaucitron aka AMEOS - TarteAuCitron GDPR cookie banner and tracking management / French RGPD compatible extension before 1.2.23 for TYPO3 allows XSS...
Cross site scripting in ameos_tarteaucitron
The ameostarteaucitron aka AMEOS - TarteAuCitron GDPR cookie banner and tracking management / French RGPD compatible extension before 1.2.23 for TYPO3 allows XSS...
CVE-2022-33155
The ameostarteaucitron aka AMEOS - TarteAuCitron GDPR cookie banner and tracking management / French RGPD compatible extension before 1.2.23 for TYPO3 allows XSS...
CVE-2022-33155
The ameostarteaucitron aka AMEOS - TarteAuCitron GDPR cookie banner and tracking management / French RGPD compatible extension before 1.2.23 for TYPO3 allows XSS...
CVE-2022-33155
The ameostarteaucitron aka AMEOS - TarteAuCitron GDPR cookie banner and tracking management / French RGPD compatible extension before 1.2.23 for TYPO3 allows XSS...
CVE-2022-33155
Affected software: TYPO3 extension ameos_tarteaucitron (AMEOS - TarteAuCitron) prior to 1.2.23. Vulnerability: cross-site scripting (XSS) due to insufficient encoding, as noted in Veracode discussion of displayParticipantsFormAction. Impact: potential execution of malicious JavaScript in the vict...