2 matches found
CVE-2021-21358
TYPO3 CMS is affected by a cross-site scripting (XSS) vulnerability in the Form Designer backend module of the Form Framework. The issue exists in TYPO3 versions before 10.4.14 and 11.1.1, and requires a valid backend user account with access to the Form module to exploit. It is fixed in versions...
CVE-2021-21358 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in typo3/cms-form
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 10.4.14, 11.1.1 it has been discovered that the Form Designer backend module of the Form Framework is vulnerable to cross-site scripting. A valid backend user account with access to the form module is needed...