Description

Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the admin panel.

Remediation

References

CVE-2011-4629

Related Vulnerabilities

Joomla! Core 1.0.5 Security Bypass (1.0.5)

SharePoint Out-of-bounds Write Vulnerability (CVE-2012-2539)

WordPress Plugin Automattic Stats Referer Field HTML Injection (1.0)

WordPress Plugin Mega Menu for WordPress-AP Mega Menu includes Backdoor [Only if downloaded via the vendor website] (3.0.5)

MySQL CVE-2019-2631 Vulnerability (CVE-2019-2631)

Severity

Medium

Classification

CVE-2011-4629 CWE-707 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities