2 matches found
CVE-2020-11070 Cross-Site Scripting in SVG Sanitizer
The SVG Sanitizer extension for TYPO3 has a cross-site scripting vulnerability in versions before 1.0.3. Slightly invalid or incomplete SVG markup is not correctly processed and thus not sanitized at all. Albeit the markup is not valid it still is evaluated in browsers and leads to cross-site...
CVE-2020-11070
CVE-2020-11070 affects TYPO3 SVG Sanitizer extension. The vulnerability arises when slightly invalid or incomplete SVG markup is not sanitized, allowing the browser to execute cross-site scripting. Affected versions are prior to 1.0.3. The issue stems from inadequate handling of malformed SVG dur...