CVE-2012-6147

Cross-site scripting XSS vulnerability in the tree render API TCA-Tree in the Backend API in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the tree render API TCA-Tree in the Backend API in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-6147

Cross-site scripting XSS vulnerability in the tree render API TCA-Tree in the Backend API in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-6147

CVE-2012-6147 is an XSS vulnerability in TYPO3’s Backend API (tree render API, TCA-Tree). The issue allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors. Affected TYPO3 core versions are 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before...

FreeBSD : typo3 -- Multiple vulnerabilities in TYPO3 Core (79818ef9-2d10-11e2-9160-00262d5ed8ee)

Typo Security Team reports : TYPO3 Backend History Module - Due to missing encoding of user input, the history module is susceptible to SQL Injection and Cross-Site Scripting. A valid backend login is required to exploit this vulnerability. Credits go to Thomas Worm who discovered and reported th...

Several Vulnerabilities in TYPO3 Core

It has been discovered that TYPO3 Core is vulnerable to SQL Injection, Information Disclosure and Cross-Site Scripting Component Type: TYPO3 Core Affected Versions: 4.5.0 up to 4.5.20, 4.6.0 up to 4.6.13, 4.7.0 up to 4.7.5 and development releases of the 6.0 branch. Vulnerability Types: SQL...