Description

Cross-site scripting (XSS) vulnerability in Extension Manager in TYPO3 4.5.x before 4.5.32 and 4.7.x before 4.7.17 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2013-7076

Related Vulnerabilities

ownCloud Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2013-2085)

Joomla Improper Input Validation Vulnerability (CVE-2015-8565)

WordPress Plugin Ginger-EU Cookie Law Multiple Vulnerabilities (4.1.3)

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-46148)

OpenVPN AS Insertion of Sensitive Information into Log File Vulnerability (CVE-2022-33737)

Severity

Medium

Classification

CVE-2013-7076 CWE-707

Tags

Missing Update Known Vulnerabilities