2 matches found
Cross-site Scripting (XSS)
TYPO3 is vulnerable to Cross-site Scripting XSS. The vulnerability is due to failing to properly encode user input in the login status display in the website frontend, requiring a valid user account either backend or frontend to exploit...
GHSA-8C25-VJ2W-P72J TYPO3 Cross-Site Scripting in Frontend User Login
Failing to properly encode user input, login status display is vulnerable to cross-site scripting in the website frontend. A valid user account is needed in order to exploit this vulnerability - either a backend user or a frontend user having the possibility to modify their user profile. Template...