Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

OSV
OSVadded 2020/05/13 11:17 p.m.24 views

GHSA-43GJ-MJ2W-WH46 Cross-Site Scripting in TYPO3 CMS Form Engine

In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.17 and greater than or equal to 10.0.0 and less than 10.4.2, it has been discovered that HTML placeholder attributes containing data of other database records are vulnerable to cross-site scripting. A valid backend user account is need...

5.4CVSS5.3AI score0.00206EPSS
Exploits0References5
Github Security Blog
Github Security Blogadded 2020/05/13 11:17 p.m.71 views

Cross-Site Scripting in TYPO3 CMS Form Engine

In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.17 and greater than or equal to 10.0.0 and less than 10.4.2, it has been discovered that HTML placeholder attributes containing data of other database records are vulnerable to cross-site scripting. A valid backend user account is need...

5.4CVSS1AI score0.00206EPSS
Exploits0References6Affected Software2
CNVD
CNVDadded 2020/05/13 12:0 a.m.2 views

TYPO3 Form Engine Component Cross-Site Scripting Vulnerability

TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Association. A cross-site scripting vulnerability exists in the Form Engine component of TYPO3 versions 9.0.0 through 9.5.16 and 10.0.0 through 10.4.1. The vulnerability stems from a lack of proper...

5.4CVSS6.4AI score0.00206EPSS
Exploits0References1
Friends Of PHP
Friends Of PHPadded 2020/05/12 9:21 a.m.16 views

TYPO3-CORE-SA-2020-002: Cross-Site Scripting in Form Engine

More info at https://typo3.org/security/advisory/typo3-core-sa-2020-002...

5.4CVSS7.2AI score0.00206EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHPadded 2020/05/12 9:21 a.m.24 views

TYPO3-CORE-SA-2020-002: Cross-Site Scripting in Form Engine

More info at https://typo3.org/security/advisory/typo3-core-sa-2020-002...

5.4CVSS7.2AI score0.00206EPSS
Exploits0Affected Software1
Typo3
Typo3added 2020/05/12 12:0 a.m.23 views

Cross-Site Scripting in Form Engine

It has been discovered that HTML placeholder attributes containing data of other database records are vulnerable to cross-site scripting. A valid backend user account is needed to exploit this vulnerability...

3.5CVSS1AI score0.00206EPSS
Exploits0Affected Software1
OSV
OSVadded 2018/02/27 5:29 a.m.0 views

CVE-2018-4913

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the XFA engine, related to DOM manipulation. The vulnerability is...

8.8CVSS6AI score0.09057EPSS
Exploits0References4
FreeBSD
FreeBSDadded 2007/02/21 12:0 a.m.23 views

typo3 -- email header injection

Olivier Dobberkau, Andreas Otto, and Thorsten Kahler report: An unspecified error in the internal form engine can be used for sending arbitrary mail headers, using it for purposes which it is not meant for, e.g. sending spam messages...

7.5CVSS6.7AI score0.00698EPSS
Exploits0References2
Rows per page
Query Builder