3 matches found
CVE-2014-6297
Cross-site scripting XSS vulnerability in the mmforum extension before 1.9.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-6297
The CVE-2014-6297 entry corresponds to a Cross‑site Scripting (XSS) vulnerability in the TYPO3 mm_forum extension prior to 1.9.3. The issue affects TYPO3 installations using mm_forum version ≤ 1.9.2 and is caused by insufficient input sanitization, allowing remote attackers to inject arbitrary we...
Several vulnerabilities in extension mm_forum (mm_forum)
It has been discovered that the extension "mmforum" mmforum is vulnerable to Arbitrary Code Execution, Cross-Site Scripting and Cross-Site Request Forgery Release Date: February 12, 2014 Bulletin update: September 18, 2014 added CVEs Component Type: Third party extension. This extension is not a...