Cross-site Scripting (XSS)

typo3/cms-backend is vulnerable to cross-site scripting. An authenticated malicious user is able to inject and execute malicious script via the content elements of type menu when their referenced items get previewed in the page module...

PT-2021-14453 · Typo3 · Typo3

Name of the Vulnerable Software and Affected Versions: TYPO3 versions prior to 7.6.51 TYPO3 versions prior to 8.7.40 TYPO3 versions prior to 9.5.25 TYPO3 versions prior to 10.4.14 TYPO3 versions prior to 11.1.1 Description: The issue concerns content elements of type menu being vulnerable to...