Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2020/07/13 12:0 a.m.42 views

TYPO3 9.x < 9.5.17 / 10.x < 10.4.2 Multiple Vulnerabilities

The version of TYPO3 installed on the remote host is 9.x prior to 9.5.17 or 10.x prior to 10.4.2. It is, therefore, affected by multiple vulnerabilities: - A cross-site scripting XSS vulnerability exists in Typo3's form engine component due to improper validation of user-supplied input before...

10CVSS7.2AI score0.0199EPSS
Exploits0References8
NVD
NVD
added 2020/05/13 11:15 p.m.38 views

CVE-2020-11064

In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.17 and greater than or equal to 10.0.0 and less than 10.4.2, it has been discovered that HTML placeholder attributes containing data of other database records are vulnerable to cross-site scripting. A valid backend user account is need...

5.4CVSS6.1AI score0.0054EPSS
Exploits0References1
CVE
CVE
added 2020/05/13 10:50 p.m.103 views

CVE-2020-11064

TYPO3 CMS vulnerability CVE-2020-11064: Cross-site scripting in the Form Engine via HTML placeholder attributes containing data from other database records. A valid backend user is required to exploit. Affected ranges: 9.0.0–9.5.16 and 10.0.0–10.4.1. The issue is fixed in TYPO3 9.5.17 and 10.4.2....

5.4CVSS5.4AI score0.0054EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/05/13 10:50 p.m.41 views

CVE-2020-11064 Cross-Site Scripting in TYPO3 CMS

In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.17 and greater than or equal to 10.0.0 and less than 10.4.2, it has been discovered that HTML placeholder attributes containing data of other database records are vulnerable to cross-site scripting. A valid backend user account is need...

5.4CVSS5.4AI score0.0054EPSS
Exploits0References1
Rows per page
Query Builder