4 matches found
GHSA-HPJM-3WW5-6CPF Cross-Site Scripting through Fluid view helper arguments
Meta CVSS: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C 5.7 CWE-79 Problem Three XSS vulnerabilities have been detected in Fluid: 1. TagBasedViewHelper allowed XSS throug maliciously crafted additionalAttributes arrays by creating keys with attribute-closing quotes followed by HTML...
TYPO3 跨站脚本漏洞
TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Typo3 Association. TYPO3 suffers from a cross-site scripting vulnerability that originates from insufficient processing of user-supplied data in the system extension Fluid typo3 / cms-fluid when...
Cross-Site Scripting through Fluid view helper arguments
Three XSS vulnerabilities have been detected in Fluid:...
Cross-Site Scripting through Fluid view helper arguments
More info at https://typo3.org/security/advisory/typo3-core-sa-2020-009...