4 matches found
CVE-2024-34357 TYPO3 vulnerable to Cross-Site Scripting in ShowImageController
TYPO3 is an enterprise content management system. Starting in version 9.0.0 and prior to versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, and 13.1.1, failing to properly encode user-controlled values in file entities, the ShowImageController eID txcmsshowpic is vulnerable to cross-si...
CVE-2024-34357
TYPO3 shows a cross-site scripting vulnerability in the ShowImageController (eID tx_cms_showpic ) caused by improper encoding of user-controlled values in file entities. The issue affects versions 9.0.0 up to but not including fixed releases: 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, a...
CVE-2024-34357 TYPO3 vulnerable to Cross-Site Scripting in ShowImageController
TYPO3 is an enterprise content management system. Starting in version 9.0.0 and prior to versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, and 13.1.1, failing to properly encode user-controlled values in file entities, the ShowImageController eID txcmsshowpic is vulnerable to cross-si...
TYPO3 9.0.0 < 9.5.48 ELTS / 10.0.0 < 10.4.45 ELTS / 11.0.0 < 11.5.37 / 12.0.0 < 12.4.15 / 13.0.0 < 13.1.1 XSS (TYPO3-CORE-SA-2024-009)
The version of TYPO3 installed on the remote host is prior to 9.0.0 9.5.48 ELTS / 10.0.0 10.4.45 ELTS / 11.0.0 11.5.37 / 12.0.0 12.4.15 / 13.0.0 13.1.1. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2024-009 advisory. - TYPO3 is an enterprise content management...