Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:60376
HistorySep 09, 2012 - 12:00 a.m.

TYPO3 不完整黑名单跨站脚本漏洞(CVE-2012-3530)

2012-09-0900:00:00
Root
www.seebug.org
14

0.003 Low

EPSS

Percentile

68.4%

JSON

CVE ID:CVE-2012-3530

TYPO3是一个免费开源的内容管理系统。
TYPO3 t3lib_div::quoteJSvalue API函数存在不完整黑名单漏洞,允许远程攻击者利用漏洞通过某些HTML5 JavaScript事件注入任意WEB脚本或者HTML,可获得敏感信息或劫持用户会话。
0
TYPO3 4.5.x
TYPO3 4.6.x
TYPO3 4.7.x
厂商解决方案

用户可参考如下供应商提供的安全公告获得补丁信息:
http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004/

Related

ubuntucve 1
osv 2
cve 1
prion 1
cvelist 1
github 1
securityvulns 2
openvas 3
nessus 1
debian 1
ubuntucve
ubuntucve
CVE-2012-3530
2012-09-05 00:00:00
osv
osv
Typo3 API XSS Vulnerability
2022-05-17 01:43:49
typo3-src - several
2012-08-30 00:00:00
cve
cve
CVE-2012-3530
2012-09-05 23:55:02
prion
prion
Cross site scripting
2012-09-05 23:55:00
cvelist
cvelist
CVE-2012-3530
2012-09-05 23:00:00
github
github
Typo3 API XSS Vulnerability
2022-05-17 01:43:49
securityvulns
securityvulns
[SECURITY] [DSA 2537-1] typo3-src security update
2012-09-02 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2012-09-02 00:00:00
openvas
openvas
Debian Security Advisory DSA 2537-1 (typo3-src)
2012-09-07 00:00:00
Debian: Security Advisory (DSA-2537-1)
2012-09-07 00:00:00
TYPO3 Multiple Vulnerabilities (Aug 2012)
2014-01-03 00:00:00
nessus
nessus
Debian DSA-2537-1 : typo3-src - several vulnerabilities
2012-08-31 00:00:00
debian
debian
[SECURITY] [DSA 2537-1] typo3-src security update
2012-08-30 19:58:39

0.003 Low

EPSS

Percentile

68.4%

JSON
Related for SSV:60376
ubuntucve1osv2cve1prion1cvelist1github1securityvulns2openvas3nessus1debian1