Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2014-3949

Опубликовано: 04 июн. 2014
Источник: nvd
CVSS2: 3.5
EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in the layout wizard in the Grid Elements (gridelements) extension before 1.5.1 and 2.0.x before 2.0.3 for TYPO3 allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:jo_hasenau:gridelements:*:*:*:*:*:*:*:*
Версия до 1.5.0 (включая)
cpe:2.3:a:jo_hasenau:gridelements:0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:0.2.0:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:0.3.0:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:1.3.4:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:1.3.5:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:1.3.6:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:1.3.7:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:1.3.8:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:1.3.9:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:1.3.10:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:1.3.11:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:1.3.12:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:1.3.13:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:-:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

Одно из

cpe:2.3:a:jo_hasenau:gridelements:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:jo_hasenau:gridelements:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:-:*:*:*:*:*:*:*

EPSS

Процентиль: 42%
0.00201
Низкий

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

github логотип

GHSA-x432-5xp7-vvxj

github
больше 3 лет назад

Cross-site scripting (XSS) vulnerability in the layout wizard in the Grid Elements (gridelements) extension before 1.5.1 and 2.0.x before 2.0.3 for TYPO3 allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors.

EPSS

Процентиль: 42%
0.00201
Низкий

3.5 Low

CVSS2

Дефекты

CWE-79