Lucene search
K

4 matches found

OSV
OSV
added 2024/06/07 5:10 p.m.11 views

GHSA-G7HW-JH4P-75WR TYPO3 Cross-Site Scripting in Filelist Module

It has been discovered that the output table listing in the “Files” backend module is vulnerable to cross-site scripting when a file extension contains malicious sequences. Access to the file system of the server - either directly or through synchronization - is required to exploit the...

6.1CVSS6.5AI score
Exploits0References6
OSV
OSV
added 2024/05/30 6:35 p.m.8 views

GHSA-6XWF-7RFM-4GWC TYPO3 Cross-Site Scripting in Filelist Module

It has been discovered that the output table listing in the “Files” backend module is vulnerable to cross-site scripting when a file extension contains malicious sequences. Access to the file system of the server - either directly or through synchronization - is required to exploit the...

6.1CVSS6.5AI score
Exploits0References3
Typo3
Typo3
added 2019/12/17 12:0 a.m.14 views

Cross-Site Scripting in Filelist Module

It has been discovered that the output table listing in the “Files” backend module is vulnerable to cross-site scripting when a file extension contains malicious sequences...

6.2AI score
Exploits0Affected Software1
Typo3
Typo3
added 2019/06/25 12:0 a.m.13 views

Arbitrary Code Execution and Cross-Site Scripting in Backend API

Backend API configuration using Page TSconfig is vulnerable to arbitrary code execution and cross-site scripting. TSconfig fields of page properties in backend forms can be used to inject malicious sequences. Field tsconfigincludes is vulnerable to directory traversal leading to same scenarios as...

7.5AI score
Exploits0Affected Software1
Rows per page
Query Builder