Описание
Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 CMS 4.1.x before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4, and 4.4.x before 4.4.1 allow remote authenticated backend users to inject arbitrary web script or HTML via unspecified parameters to the extension manager, or unspecified parameters to unknown backend forms.
Ссылки
- Mailing List
- Mailing List
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Vendor Advisory
- Mailing List
- Mailing List
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
Связанные уязвимости
Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 CMS 4.1.x before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4, and 4.4.x before 4.4.1 allow remote authenticated backend users to inject arbitrary web script or HTML via unspecified parameters to the extension manager, or unspecified parameters to unknown backend forms.
Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 CMS 4.1.x ...
TYPO3 Cross-site Scripting vulnerability in the extension manager and backend forms
EPSS
5.4 Medium
CVSS3
3.5 Low
CVSS2