22 matches found
Directory Traversal
Overview tpwd/kesearch is a search extension for TYPO3, including faceting search functions. Affected versions of this package are vulnerable to Directory Traversal due to the file indexer failing to normalize the configured directory path. A backend user with permission to edit indexer...
EUVD-2022-3949
Malicious code in bioql PyPI...
EUVD-2023-1779
Malicious code in bioql PyPI...
CVE-2023-35783
The kesearch aka Faceted Search extension before 4.0.3, 4.1.x through 4.6.x before 4.6.6, and 5.x before 5.0.2 for TYPO3 allows XSS via indexed data...
CVE-2020-15517
The kesearch aka Faceted Search extension through 2.8.2, and 3.x through 3.1.3, for TYPO3 allows XSS...
ke_search (aka Faceted Search) vulnerable to Cross-Site Scripting
The kesearch aka Faceted Search extension before 4.0.3, 4.1.x through 4.6.x before 4.6.6, and 5.x before 5.0.2 for TYPO3 allows XSS via indexed data...
CVE-2023-35783
The kesearch aka Faceted Search extension before 4.0.3, 4.1.x through 4.6.x before 4.6.6, and 5.x before 5.0.2 for TYPO3 allows XSS via indexed data...
CVE-2023-35783
The kesearch aka Faceted Search extension before 4.0.3, 4.1.x through 4.6.x before 4.6.6, and 5.x before 5.0.2 for TYPO3 allows XSS via indexed data...
CVE-2023-35783
The CVE-2023-35783 vulnerability concerns the TYPO3 ke_search (Faceted Search) extension. Multiple connected sources confirm an XSS flaw via indexed data in ke_search versions prior to 4.0.3; 4.1.x through 4.6.x prior to 4.6.6; and 5.x prior to 5.0.2. Impact is cross-site scripting via the extens...
CVE-2023-35783
The kesearch aka Faceted Search extension before 4.0.3, 4.1.x through 4.6.x before 4.6.6, and 5.x before 5.0.2 for TYPO3 allows XSS via indexed data...
TYPO3-EXT-SA-2023-004: Cross-Site Scripting in extension "Faceted Search" (ke_search)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2023-004...
TYPO3-EXT-SA-2023-004: Cross-Site Scripting in extension "Faceted Search" (ke_search)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2023-004...
GHSA-GG48-MPP8-CGQC ke_search for Typo3 XSS Vulnerability
The kesearch aka Faceted Search extension through 2.8.2, and 3.x through 3.1.3, for TYPO3 allows XSS...
ke_search for Typo3 XSS Vulnerability
The kesearch aka Faceted Search extension through 2.8.2, and 3.x through 3.1.3, for TYPO3 allows XSS...
TYPO3 ke_search extension cross-site scripting vulnerability
TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Association. kesearch extension is one of the search engine extensions. A cross-site scripting vulnerability exists in TYPO3 kesearch extension. The vulnerability stems from the WEB application lacking...
CVE-2020-15517
The kesearch aka Faceted Search extension through 2.8.2, and 3.x through 3.1.3, for TYPO3 allows XSS...
Cross site scripting
The kesearch aka Faceted Search extension through 2.8.2, and 3.x through 3.1.3, for TYPO3 allows XSS...
CVE-2020-15517
The CVE-2020-15517 entry concerns TYPO3 ke_search (Faceted Search) where the extension effectively allows a stored XSS vulnerability. Affected components are the ke_search extension for TYPO3 versions up to 2.8.2 and 3.x up to 3.1.3, with the underlying issue caused by improper encoding of user i...
CVE-2020-15517
The kesearch aka Faceted Search extension through 2.8.2, and 3.x through 3.1.3, for TYPO3 allows XSS...
SQL Injection in extension "Faceted Search" (ke_search)
The extension fails to properly sanitize user input and is susceptible to SQL Injection...