Количество 2
Количество 2
CVE-2020-11064
In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.17 and greater than or equal to 10.0.0 and less than 10.4.2, it has been discovered that HTML placeholder attributes containing data of other database records are vulnerable to cross-site scripting. A valid backend user account is needed to exploit this vulnerability. This has been fixed in 9.5.17 and 10.4.2.
GHSA-43gj-mj2w-wh46
Cross-Site Scripting in TYPO3 CMS Form Engine
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-11064 In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.17 and greater than or equal to 10.0.0 and less than 10.4.2, it has been discovered that HTML placeholder attributes containing data of other database records are vulnerable to cross-site scripting. A valid backend user account is needed to exploit this vulnerability. This has been fixed in 9.5.17 and 10.4.2. | CVSS3: 5.4 | 0% Низкий | больше 5 лет назад |
| GHSA-43gj-mj2w-wh46 Cross-Site Scripting in TYPO3 CMS Form Engine | CVSS3: 5.4 | 0% Низкий | больше 5 лет назад |
Уязвимостей на страницу