Lucene search
+L

5 matches found

NVD
NVD
added 2023/07/25 9:15 p.m.20 views

CVE-2023-38500

TYPO3 HTML Sanitizer is an HTML sanitizer, written in PHP, aiming to provide cross-site-scripting-safe markup based on explicitly allowed tags, attributes and values. Starting in version 1.0.0 and prior to versions 1.5.1 and 2.1.2, due to an encoding issue in the serialization layer, malicious...

6.1CVSS5.3AI score0.0043EPSS
Exploits0References3
CVE
CVE
added 2023/07/25 8:59 p.m.62 views

CVE-2023-38500

The CVE-2023-38500 entry concerns TYPO3 HTML Sanitizer, a PHP-based HTML sanitizer. A vulnerability exists in versions 1.0.0 up to, but not including, 1.5.1 and 2.1.2, caused by an encoding issue in the serialization layer that could fail to properly encode malicious markup nested in a noscript e...

6.1CVSS5.2AI score0.0043EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/25 8:59 p.m.12 views

CVE-2023-38500 By-passing Cross-Site Scripting Protection in HTML Sanitizer

TYPO3 HTML Sanitizer is an HTML sanitizer, written in PHP, aiming to provide cross-site-scripting-safe markup based on explicitly allowed tags, attributes and values. Starting in version 1.0.0 and prior to versions 1.5.1 and 2.1.2, due to an encoding issue in the serialization layer, malicious...

4.7CVSS6AI score0.0043EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/07/25 8:59 p.m.29 views

CVE-2023-38500 By-passing Cross-Site Scripting Protection in HTML Sanitizer

TYPO3 HTML Sanitizer is an HTML sanitizer, written in PHP, aiming to provide cross-site-scripting-safe markup based on explicitly allowed tags, attributes and values. Starting in version 1.0.0 and prior to versions 1.5.1 and 2.1.2, due to an encoding issue in the serialization layer, malicious...

4.7CVSS6.2AI score0.0043EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/07/25 12:0 a.m.22 views

TYPO3 8.7.42 < 8.7.53 ELTS / 9.5.29 < 9.5.42 ELTS / 10.4.19 < 10.4.39 ELTS / 11.3.2 < 11.5.30 / 12.0.0 < 12.4.4 XSS (TYPO3-CORE-SA-2023-002)

The version of TYPO3 installed on the remote host is prior to 8.7.42 8.7.53 ELTS / 9.5.29 9.5.42 ELTS / 10.4.19 10.4.39 ELTS / 11.3.2 11.5.30 / 12.0.0 12.4.4. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2023-002 advisory. - Due to an encoding issue in the...

6.1CVSS5.9AI score0.0043EPSS
Exploits0References2
Rows per page
Query Builder