Description

Cross-site scripting (XSS) vulnerability in Extension Manager in TYPO3 4.5.x before 4.5.32 and 4.7.x before 4.7.17 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2013-7076

Related Vulnerabilities

WordPress Plugin Fast Secure Contact Form-Clockwork SMS Cross-Site Scripting (2.1.2)

WordPress Plugin Cookie Notice & Compliance for GDPR/CCPA Cross-Site Scripting (2.1.1)

WordPress Plugin WP Data Access Privilege Escalation (5.3.7)

WordPress Same Origin Method Execution (SOME) Vulnerability (0.70 - 3.7.13)

WordPress Plugin DukaPress PHP Object Injection (3.1.20)

Severity

Medium

Classification

CVE-2013-7076 CWE-707

Tags

Missing Update Known Vulnerabilities