Lucene search
+L

4 matches found

OpenVAS
OpenVAS
added 2021/07/21 12:0 a.m.19 views

TYPO3 Multiple XSS Vulnerabilities (TYPO3-CORE-SA-2021-010, TYPO3-CORE-SA-2021-011)

TYPO3 is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:typo3:typo3"...

6.4CVSS5.6AI score0.00603EPSS
Exploits0References2
NVD
NVD
added 2021/07/20 4:15 p.m.30 views

CVE-2021-32669

TYPO3 is an open source PHP based web content management system. Versions 9.0.0 through 9.5.28, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0 have a cross-site scripting vulnerability. When settings for backend layouts are not properly encoded, the corresponding grid view is vulnerable to...

6.4CVSS0.00603EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/07/20 3:35 p.m.33 views

CVE-2021-32669 Cross-Site Scripting in Backend Grid View

TYPO3 is an open source PHP based web content management system. Versions 9.0.0 through 9.5.28, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0 have a cross-site scripting vulnerability. When settings for backend layouts are not properly encoded, the corresponding grid view is vulnerable to...

6.4CVSS6.2AI score0.00603EPSS
Exploits0References2
CVE
CVE
added 2021/07/20 3:35 p.m.103 views

CVE-2021-32669

CVE-2021-32669 affects TYPO3 CMS: multiple versions (9.0.0–9.5.28, 10.0.0–10.4.17, 11.0.0–11.3.0) are vulnerable to persistent cross-site scripting in the grid view when backend layouts settings aren’t properly encoded. A valid backend user is required to exploit it. TYPO3 fixed this in versions ...

6.4CVSS5.2AI score0.00603EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder