Description
The t3lib_div::RemoveXSS API method in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allows remote attackers to bypass the cross-site scripting (XSS) protection mechanism and inject arbitrary web script or HTML via non printable characters.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2013-5806 Vulnerability (CVE-2013-5806)
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2024-23323)
WebLogic CVE-2017-10336 Vulnerability (CVE-2017-10336)
WebLogic CVE-2019-2887 Vulnerability (CVE-2019-2887)
WordPress Plugin WP Job Manager PHP Object Injection (1.29.2)