2 matches found
CVE-2009-4159
Cross-site scripting XSS vulnerability in the newsletter configuration feature in the backend module in the Direct Mail directmail extension 2.6.4 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-4159
CVE-2009-4159 describes a cross-site scripting (XSS) vulnerability in the newsletter configuration feature of the TYPO3 Direct Mail extension (direct_mail), affecting version 2.6.4 and earlier. The flaw resides in the backend module and allows remote authenticated users to inject arbitrary web sc...