Description
Cross-site scripting (XSS) vulnerability in Extension Manager in TYPO3 4.5.x before 4.5.32 and 4.7.x before 4.7.17 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Remediation
References
Related Vulnerabilities
Sqlite Use After Free Vulnerability (CVE-2019-5018)
WordPress Plugin EWWW Image Optimizer Denial of Service (6.0.1)
WordPress Plugin Slider Hero with Animation, Video Background SQL Injection (8.2.6)
WordPress Plugin WP User Manager-User Profile Builder & Membership Security Bypass (2.6.2)
WordPress Plugin TAuto Poster includes Backdoor [Only if downloaded via the vendor website] (1.4.5)