Description
Multiple cross-site scripting (XSS) vulnerabilities in the backend in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allow remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin Facebook Page Feed Timeline Cross-Site Scripting (1.0)
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Directory Traversal (1.3.33)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-27912)
WordPress Plugin Download Theme Arbitrary Directory Download (1.0.2)
Oracle Database Server CVE-2006-5335 Vulnerability (CVE-2006-5335)