2 matches found
CVE-2020-15517
The CVE-2020-15517 entry concerns TYPO3 ke_search (Faceted Search) where the extension effectively allows a stored XSS vulnerability. Affected components are the ke_search extension for TYPO3 versions up to 2.8.2 and 3.x up to 3.1.3, with the underlying issue caused by improper encoding of user i...
CVE-2023-35783
The CVE-2023-35783 vulnerability concerns the TYPO3 ke_search (Faceted Search) extension. Multiple connected sources confirm an XSS flaw via indexed data in ke_search versions prior to 4.0.3; 4.1.x through 4.6.x prior to 4.6.6; and 5.x prior to 5.0.2. Impact is cross-site scripting via the extens...