Количество 2
Количество 2
CVE-2023-47125
TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions DOM processing instructions are not handled correctly. This allows bypassing the cross-site scripting mechanism of typo3/html-sanitizer. This vulnerability has been addressed in versions 1.5.3 and 2.1.4. Users are advised to upgrade. There are no known workarounds for this vulnerability.
GHSA-mm79-jhqm-9j54
Bypassing Cross-Site Scripting Protection in TYPO3 HTML Sanitizer
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-47125 TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions DOM processing instructions are not handled correctly. This allows bypassing the cross-site scripting mechanism of typo3/html-sanitizer. This vulnerability has been addressed in versions 1.5.3 and 2.1.4. Users are advised to upgrade. There are no known workarounds for this vulnerability. | CVSS3: 4.7 | 0% Низкий | около 2 лет назад |
| GHSA-mm79-jhqm-9j54 Bypassing Cross-Site Scripting Protection in TYPO3 HTML Sanitizer | CVSS3: 4.7 | 0% Низкий | около 2 лет назад |
Уязвимостей на страницу