4 matches found
TYPO3 9.x < 9.5.17 / 10.x < 10.4.2 Multiple Vulnerabilities
The version of TYPO3 installed on the remote host is 9.x prior to 9.5.17 or 10.x prior to 10.4.2. It is, therefore, affected by multiple vulnerabilities: - A cross-site scripting XSS vulnerability exists in Typo3's form engine component due to improper validation of user-supplied input before...
CVE-2020-11064
In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.17 and greater than or equal to 10.0.0 and less than 10.4.2, it has been discovered that HTML placeholder attributes containing data of other database records are vulnerable to cross-site scripting. A valid backend user account is need...
CVE-2020-11064
TYPO3 CMS vulnerability CVE-2020-11064: Cross-site scripting in the Form Engine via HTML placeholder attributes containing data from other database records. A valid backend user is required to exploit. Affected ranges: 9.0.0–9.5.16 and 10.0.0–10.4.1. The issue is fixed in TYPO3 9.5.17 and 10.4.2....
CVE-2020-11064 Cross-Site Scripting in TYPO3 CMS
In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.17 and greater than or equal to 10.0.0 and less than 10.4.2, it has been discovered that HTML placeholder attributes containing data of other database records are vulnerable to cross-site scripting. A valid backend user account is need...