Description

Cross-site scripting (XSS) vulnerability in the Exception Handler in TYPO3 4.4.x before 4.4.15, 4.5.x before 4.5.15, 4.6.x before 4.6.8, and 4.7 allows remote attackers to inject arbitrary web script or HTML via exception messages.

Remediation

References

CVE-2012-2112

Related Vulnerabilities

PHP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2006-0996)

Apache Tomcat CVE-2020-0822 Vulnerability (CVE-2020-0822)

MySQL CVE-2020-14866 Vulnerability (CVE-2020-14866)

WordPress Plugin Nelio AB Testing Server-Side Request Forgery (4.5.10)

WordPress Plugin WP Accessibility Cross-Site Scripting (1.6.10)

Severity

Medium

Classification

CVE-2012-2112 CWE-707

Tags

Missing Update Known Vulnerabilities