3 matches found
CVE-2014-7200
Cross-site scripting XSS vulnerability in pi1/class.txdmmjobcontrolpi1.php in the JobControl dmmjobcontrol extension 2.14.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via the txdmmjobcontrolpi1searchkeyword parameter to jobs/...
CVE-2014-7200
CVE-2014-7200 affects the TYPO3 extension JobControl (dmmjobcontrol) up to version 2.14.0. The vulnerability is a Cross-Site Scripting (XSS) in pi1/class.tx_dmmjobcontrol_pi1.php, exploitable via tx_dmmjobcontrol_pi1[search][keyword] to jobs/. The root cause is insufficient escaping of user input...
Several vulnerabilities in extension JobControl (dmmjobcontrol)
It has been discovered that the extension "JobControl" dmmjobcontrol is susceptible to Cross-Site Scripting and SQL Injection. Release Date: September 25, 2014 Bulletin update: October 6, 2014 added CVEs Component Type: Third party extension. This extension is not a part of the TYPO3 default...