TYPO3.CMS is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject and execute arbitrary Javascript via the Fluid view helpers.
CPE | Name | Operator | Version |
---|---|---|---|
typo3/cms | le | 10.4.9 | |
typo3/cms | le | 9.5.22 | |
typo3/cms-core | le | 10.4.9 | |
typo3/cms-core | le | 9.5.22 |