WEB APPLICATION VULNERABILITIES Standard & Premium

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3672)

Description

TYPO3 before 4.3.4 and 4.4.x before 4.4.1 allows XSS in the textarea view helper in an extbase extension.

Remediation

References

Related Vulnerabilities

osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43708)

WordPress Plugin Nextend Twitter Connect Cross-Site Scripting (1.5.1)

GlassFish CVE-2017-10400 Vulnerability (CVE-2017-10400)

OpenVPN AS Other Vulnerability (CVE-2006-1629)

Joomla! Core 3.x.x Multiple Vulnerabilities (3.2.0 - 3.6.5)

Severity

Medium

Classification

CVE-2010-3672 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities