Description

Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the admin panel.

Remediation

References

CVE-2011-4629

Related Vulnerabilities

WordPress Plugin Smart Manager for WooCommerce & WpeC Multiple Unspecified Vulnerabilities (3.9.13)

WordPress Plugin Real WYSIWYG Cross-Site Scripting (0.0.2)

WordPress Plugin Broken Link Checker Cross-Site Scripting (1.11.8)

Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.10)

WordPress Plugin Usernoise modal feedback/contact form Cross-Site Scripting (3.7.8)

Severity

Medium

Classification

CVE-2011-4629 CWE-707 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities