Lucene search
K

5 matches found

Github Security Blog
Github Security Blog
added 2020/12/21 4:28 p.m.49 views

Cross-Site Scripting in Fluid view helpers

Meta CVSS: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C 5.7 CWE-79 Problem It has been discovered that system extension Fluid typo3/cms-fluid of the TYPO3 core is vulnerable to cross-site scripting passing user-controlled data as argument to Fluid view helpers. Solution Update to...

6.1CVSS5.8AI score0.00715EPSS
Exploits1References7Affected Software2
Veracode
Veracode
added 2020/11/24 8:23 a.m.20 views

Cross-Site Scripting (XSS)

TYPO3.CMS is vulnerable to cross-site scripting XSS. A remote attacker is able to inject and execute arbitrary Javascript via the Fluid view helpers...

6.1CVSS4.7AI score0.00715EPSS
Exploits1References2Affected Software2
Friends Of PHP
Friends Of PHP
added 2020/11/17 8:49 a.m.34 views

TYPO3-CORE-SA-2020-010: Cross-Site Scripting in Fluid view helpers

More info at https://typo3.org/security/advisory/typo3-core-sa-2020-010...

6.1CVSS7.2AI score0.00715EPSS
Exploits1Affected Software1
Friends Of PHP
Friends Of PHP
added 2020/11/17 8:49 a.m.39 views

TYPO3-CORE-SA-2020-010: Cross-Site Scripting in Fluid view helpers

More info at https://typo3.org/security/advisory/typo3-core-sa-2020-010...

6.1CVSS7.2AI score0.00715EPSS
Exploits1Affected Software1
Typo3
Typo3
added 2020/11/17 12:0 a.m.44 views

Cross-Site Scripting in Fluid view helpers

It has been discovered that system extension Fluid typo3/cms-fluid of the TYPO3 core is vulnerable to cross-site scripting passing user-controlled data as argument to Fluid view helpers...

4.3CVSS2.1AI score0.00715EPSS
Exploits1Affected Software1
Rows per page
Query Builder