2 matches found
GHSA-W3V6-R62R-FVQH Typo3 API XSS Vulnerabilities
The t3libdiv::RemoveXSS API method in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allows remote attackers to bypass the cross-site scripting XSS protection mechanism and inject arbitrary web script or HTML via non printable characters...
Cross site scripting
The t3libdiv::RemoveXSS API method in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allows remote attackers to bypass the cross-site scripting XSS protection mechanism and inject arbitrary web script or HTML via non printable characters...