Описание
TYPO3 allows remote attackers to embed Flash videos from external domain
The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka "Cross-Site Flashing."
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2015-8760
- https://github.com/TYPO3/typo3/commit/29ae05c04cb48d4031d323f17d8f2b68b27af353
- https://typo3.org/security/advisory/typo3-core-sa-2015-014
- https://web.archive.org/web/20160621232021/http://www.securityfocus.com/bid/79210
- https://web.archive.org/web/20161012163613/http://www.securitytracker.com/id/1034485
Пакеты
Наименование
typo3/cms
composer
Затронутые версииВерсия исправления
>= 6.2.0, < 6.2.16
6.2.16
Связанные уязвимости
CVSS3: 6.1
ubuntu
около 10 лет назад
The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka "Cross-Site Flashing."
CVSS3: 6.1
nvd
около 10 лет назад
The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka "Cross-Site Flashing."