Lucene search
TYPO3 AssociationTYPO3-EXT-SA-2020-012HistoryJul 07, 2020 - 12:00 a.m.
Cross-Site Scripting in extension "Google reCAPTCHA (v2/v3)" (jh_captcha)
2020-07-0700:00:00
TYPO3 Association
typo3.org
21
0.001 Low
EPSS
Percentile
19.4%
The extension fails to properly encode user input for output in HTML context. The issue is only exploitable by backend users with access to TypoScript settings of the extension.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jh_captcha | le | 2.1.3 | |
| jh_captcha | ge | 3.0.2 | |
| jh_captcha | le | 3.0.0 |
Related
prion
prion
Cross site scripting
2020-07-07 14:15:00
github
github
jh_captcha for Typo3 XSS Vulnerability
2022-05-24 17:22:31
osv
osv
jh_captcha for Typo3 XSS Vulnerability
2022-05-24 17:22:31
veracode
veracode
Cross-Site Scripting (XSS)
2020-07-08 04:37:33
cve
cve
CVE-2020-15514
2020-07-07 14:15:11
cvelist
cvelist
CVE-2020-15514
2020-07-07 13:48:05
nvd
nvd
CVE-2020-15514
2020-07-07 14:15:11