Description
Cross-site scripting (XSS) vulnerability in the FORM content object in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Remediation
References
Related Vulnerabilities
PHP Use After Free Vulnerability (CVE-2018-12882)
Python Incorrect Conversion between Numeric Types Vulnerability (CVE-2008-1721)
WordPress Plugin WP Fastest Cache SQL Injection (1.2.1)
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-11620)
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2017-2670)