3 matches found
CVE-2014-3949
Cross-site scripting XSS vulnerability in the layout wizard in the Grid Elements gridelements extension before 1.5.1 and 2.0.x before 2.0.3 for TYPO3 allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-3949
CVE-2014-3949 describes a cross-site scripting (XSS) vulnerability in the Grid Elements (gridelements) TYPO3 extension. The issue affects the layout wizard in versions before 1.5.1 and 2.0.x before 2.0.3, allowing a remote authenticated backend user to inject arbitrary script or HTML via unspecif...
Cross-Site Scripting in gridelements
It has been discovered that the extension "Grid Elements" gridelements is susceptible to Cross-Site Scripting Release Date: May 27, 2014 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: 2.0.2 and below, 1.5.0 and below...