Lucene search
TYPO3 AssociationTYPO3-EXT-SA-2020-008HistoryMay 12, 2020 - 12:00 a.m.
Cross-Site Scripting in "SVG Sanitizer" (svg_sanitizer)
2020-05-1200:00:00
TYPO3 Association
typo3.org
7
0.001 Low
EPSS
Percentile
21.2%
Slightly invalid or incomplete SVG markup is not correctly processed and thus not sanitized at all. Albeit the markup is not valid it is still evaluated in browsers can lead to Cross-Site Scripting.
| CPE | Name | Operator | Version |
|---|---|---|---|
| svg_sanitizer | le | 1.0.2 |
Related
osv
osv
CVE-2020-11070
2020-05-13 19:15:11
Cross-Site Scripting in SVG Sanitizer
2020-05-13 22:17:34
cve
cve
CVE-2020-11070
2020-05-13 19:15:11
cvelist
cvelist
CVE-2020-11070 Cross-Site Scripting in SVG Sanitizer
2020-05-13 18:40:11
github
github
Cross-Site Scripting in SVG Sanitizer
2020-05-13 22:17:34
veracode
veracode
Cross-Site Scripting (XSS)
2020-05-14 03:58:42
prion
prion
Cross site scripting
2020-05-13 19:15:00
nvd
nvd
CVE-2020-11070
2020-05-13 19:15:11