GHSA-c5x3-gq36-prrp

Опубликовано: 13 мая 2022

Источник: github

Github: Прошло ревью

CVSS4: 1.3

Описание

PHPUnit extension for TYPO3 vulnerable to Cross-site Scripting

Cross-site scripting (XSS) vulnerability in the PHPUnit extension before 3.5.15 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2013-4744
https://exchange.xforce.ibmcloud.com/vulnerabilities/81194
https://web.archive.org/web/20130129050219/http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-001
http://typo3.org/extensions/repository/view/phpunit

Пакеты

Наименование

oliverklee/phpunit

composer

Затронутые версииВерсия исправления

< 3.5.15

3.5.15

EPSS

Процентиль: 58%

0.00367

Низкий

1.3 Low

CVSS4

CVE ID

CVE-2013-4744

Дефекты

CWE-79

Связанные уязвимости

CVE-2013-4744

nvd

больше 12 лет назад

Cross-site scripting (XSS) vulnerability in the PHPUnit extension before 3.5.15 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

EPSS

Процентиль: 58%

0.00367

Низкий

1.3 Low

CVSS4

CVE ID

CVE-2013-4744

Дефекты

CWE-79