teaminmedias-pluswerk/ke_search (aka) Faceted Search extension of Typo3 is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject arbitrary Javascript into a victim’s browser via parameters such as content
,abstract
,message
,tag
, title
in the backend module controller.
CPE | Name | Operator | Version |
---|---|---|---|
teaminmedias-pluswerk/ke_search | le | 3.1.3 | |
teaminmedias-pluswerk/ke_search | le | 2.8.2 |