2 matches found
CVE-2021-32768
TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions failing to properly parse, sanitize and encode malicious rich-text content, the content rendering process in the website frontend is vulnerable to cross-site scripting. Corresponding...
CVE-2021-32768
CVE-2021-32768 is a cross-site scripting vulnerability in TYPO3 where the frontend rendering of rich-text content can reflect malicious input due to HTMLparser not filtering all tag/attribute combinations by default. In typical scenarios, exploitation requires a valid backend user account, but if...