Lucene search
+L

4 matches found

Vulnrichment
Vulnrichment
added 2024/05/14 2:13 p.m.20 views

CVE-2024-34357 TYPO3 vulnerable to Cross-Site Scripting in ShowImageController

TYPO3 is an enterprise content management system. Starting in version 9.0.0 and prior to versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, and 13.1.1, failing to properly encode user-controlled values in file entities, the ShowImageController eID txcmsshowpic is vulnerable to cross-si...

5.4CVSS6.3AI score0.00502EPSS
Exploits0References5
CVE
CVE
added 2024/05/14 2:13 p.m.76 views

CVE-2024-34357

TYPO3 shows a cross-site scripting vulnerability in the ShowImageController (eID tx_cms_showpic ) caused by improper encoding of user-controlled values in file entities. The issue affects versions 9.0.0 up to but not including fixed releases: 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, a...

5.4CVSS5.1AI score0.00502EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2024/05/14 2:13 p.m.39 views

CVE-2024-34357 TYPO3 vulnerable to Cross-Site Scripting in ShowImageController

TYPO3 is an enterprise content management system. Starting in version 9.0.0 and prior to versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, and 13.1.1, failing to properly encode user-controlled values in file entities, the ShowImageController eID txcmsshowpic is vulnerable to cross-si...

5.4CVSS5.4AI score0.00502EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/05/14 12:0 a.m.19 views

TYPO3 9.0.0 < 9.5.48 ELTS / 10.0.0 < 10.4.45 ELTS / 11.0.0 < 11.5.37 / 12.0.0 < 12.4.15 / 13.0.0 < 13.1.1 XSS (TYPO3-CORE-SA-2024-009)

The version of TYPO3 installed on the remote host is prior to 9.0.0 9.5.48 ELTS / 10.0.0 10.4.45 ELTS / 11.0.0 11.5.37 / 12.0.0 12.4.15 / 13.0.0 13.1.1. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2024-009 advisory. - TYPO3 is an enterprise content management...

5.4CVSS5.4AI score0.00502EPSS
Exploits0References2
Rows per page
Query Builder