Lucene search

K

TYPO3 AssociationTYPO3-EXT-SA-2021-007

HistoryApr 27, 2021 - 12:00 a.m.

Cross-Site Scripting in extension "Bootstrap Package" (bootstrap_package)

2021-04-2700:00:00

TYPO3 Association

typo3.org

38

cross-site scripting

bootstrap package

html context

user input

vulnerability

software

EPSS

0.001

Percentile

26.9%

The extension fails to properly encode user input for output in HTML context. The following templates are affected by the vulnerability:

EPSS

0.001

Percentile

26.9%

Related for TYPO3-EXT-SA-2021-007

prion1 cve1 nvd1 osv3 github1 veracode1 cvelist1