Lucene search
Veracode Vulnerability DatabaseVERACODE:25415HistoryMay 14, 2020 - 7:29 a.m.
Cross-site Scripting (XSS)
2020-05-1407:29:12
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3
0.001 Low
EPSS
Percentile
21.4%
typo3/cms is susceptible to cross-site scripting (XSS). The attack is possible because of lack of sanitization of HTML placeholder attributes, allowing a valid backend user account to inject malicious scripts via the attributes and get executed when a user visits the page.
Related
cvelist
cvelist
CVE-2020-11064 Cross-Site Scripting in TYPO3 CMS
2020-05-13 22:50:11
nvd
nvd
CVE-2020-11064
2020-05-13 23:15:11
osv
osv
BIT-typo3-2020-11064
2024-03-06 11:12:06
CVE-2020-11064
2020-05-13 23:15:11
Cross-Site Scripting in TYPO3 CMS Form Engine
2020-05-13 23:17:48
friendsofphp
friendsofphp
TYPO3-CORE-SA-2020-002: Cross-Site Scripting in Form Engine
2020-05-12 09:21:07
TYPO3-CORE-SA-2020-002: Cross-Site Scripting in Form Engine
2020-05-12 09:21:07
typo3
typo3
Cross-Site Scripting in Form Engine
2020-05-12 00:00:00
prion
prion
Cross site scripting
2020-05-13 23:15:00
github
github
Cross-Site Scripting in TYPO3 CMS Form Engine
2020-05-13 23:17:48
cve
cve
CVE-2020-11064
2020-05-13 23:15:11
openvas
openvas
nessus
nessus
TYPO3 9.x < 9.5.17 / 10.x < 10.4.2 Multiple Vulnerabilities
2020-07-13 00:00:00
freebsd
freebsd
typo3 -- multiple vulnerabilities
2020-05-12 00:00:00