Lucene search

K

Ubuntu.comUB:CVE-2014-3943

HistoryJun 03, 2014 - 12:00 a.m.

CVE-2014-3943

2014-06-0300:00:00

ubuntu.com

ubuntu.com

13

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

41.9%

Multiple cross-site scripting (XSS) vulnerabilities in unspecified backend
components in TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before
6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allow remote
authenticated editors to inject arbitrary web script or HTML via unknown
parameters.

Bugs

<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=749215>

References

typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/

www.debian.org/security/2014/dsa-2942

www.openwall.com/lists/oss-security/2014/06/03/2

launchpad.net/bugs/cve/CVE-2014-3943

nvd.nist.gov/vuln/detail/CVE-2014-3943

security-tracker.debian.org/tracker/CVE-2014-3943

www.cve.org/CVERecord?id=CVE-2014-3943

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

41.9%

Related for UB:CVE-2014-3943

prion1 osv2 github1 friendsofphp1 veracode1 cve1 cvelist1 openvas3 nessus1 typo31 securityvulns1