Authorization

An issue was discovered in contextswurfl for TYPO3 before 0.4.2. The vulnerability exists due to insufficient filtration of user-supplied data in the "forceua" HTTP GET parameter passed to the "/contextswurfl/Library/wurfl-dbapi-1.4.4.0/checkwurfl.php" URL. An attacker could execute arbitrary HTM...

CVE-2017-5962

An issue was discovered in contextswurfl for TYPO3 before 0.4.2. The vulnerability exists due to insufficient filtration of user-supplied data in the "forceua" HTTP GET parameter passed to the "/contextswurfl/Library/wurfl-dbapi-1.4.4.0/checkwurfl.php" URL. An attacker could execute arbitrary HTM...

CVE-2017-5962

CVE-2017-5962 affects contexts_wurfl (TYPO3) before 0.4.2. The flaw stems from insufficient filtering of user data in the force_ua parameter sent to /contexts_wurfl/Library/wurfl-dbapi-1.4.4.0/check_wurfl.php, allowing arbitrary HTML/JavaScript to be executed in the victim’s browser. Impact is us...

CVE-2017-5962

An issue was discovered in contextswurfl for TYPO3 before 0.4.2. The vulnerability exists due to insufficient filtration of user-supplied data in the "forceua" HTTP GET parameter passed to the "/contextswurfl/Library/wurfl-dbapi-1.4.4.0/checkwurfl.php" URL. An attacker could execute arbitrary HTM...