GHSA-94C2-G68F-9R98 Typo3 API XSS Vulnerability

Incomplete blacklist vulnerability in the t3libdiv::quoteJSvalue API function in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote attackers to conduct cross-site scripting XSS attacks via certain HTML5 JavaScript events...

Typo3 API XSS Vulnerability

Incomplete blacklist vulnerability in the t3libdiv::quoteJSvalue API function in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote attackers to conduct cross-site scripting XSS attacks via certain HTML5 JavaScript events...

GHSA-M7RG-85G8-28M9 TYPO3 API function vulnerable to Cross-site Scripting

Cross-site scripting XSS vulnerability in the t3libdiv::quoteJSvalue API function in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the sanitizing...

TYPO3 API function vulnerable to Cross-site Scripting

Cross-site scripting XSS vulnerability in the t3libdiv::quoteJSvalue API function in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the sanitizing...

TYPO3 不完整黑名单跨站脚本漏洞(CVE-2012-3530)

CVE ID:CVE-2012-3530 TYPO3是一个免费开源的内容管理系统。 TYPO3 t3libdiv::quoteJSvalue API函数存在不完整黑名单漏洞，允许远程攻击者利用漏洞通过某些HTML5 JavaScript事件注入任意WEB脚本或者HTML，可获得敏感信息或劫持用户会话。 0 TYPO3 4.5.x TYPO3 4.6.x TYPO3 4.7.x 厂商解决方案 用户可参考如下供应商提供的安全公告获得补丁信息：...