TYPO3 Multiple Vulnerabilities-01 July-2104

Summary
This host is installed with TYPO3 and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to conduct host spoofing and cross-site scripting attacks. Impact Level: Application
Solution
Upgrade to TYPO3 version 4.5.34, 4.7.19, 6.0.14, 6.1.9 or 6.2.3 or later, For updates refer to http://typo3.org
Insight
The flaws are due to, - Failing to properly validate the HTTP host-header TYPO3 CMS is susceptible to host spoofing. - Failing to properly encode user input, several backend components are susceptible to Cross-Site Scripting, allowing authenticated editors to inject arbitrary HTML or JavaScript by crafting URL parameters.
Affected
TYPO3 versions 4.5.0 to 4.5.33, 4.7.0 to 4.7.18, 6.0.0 to 6.0.13, 6.1.0 to 6.1.8 and 6.2.0 to 6.2.2
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References