Description

Cross-site scripting (XSS) vulnerability in the Backend User Administration Module in TYPO3 6.0.x before 6.0.12 and 6.1.x before 6.1.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2013-7077

Related Vulnerabilities

Plone CMS Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-28736)

Oracle Application Server Other Vulnerability (CVE-2002-0947)

WordPress Plugin WordPress Button Plugin MaxButtons Multiple Cross-Site Scripting Vulnerabilities (1.36)

WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (6.0.3.3)

WordPress Plugin AB Press Optimizer Multiple Cross-Site Scripting Vulnerabilities (1.1.1)

Severity

Medium

Classification

CVE-2013-7077 CWE-707

Tags

Missing Update Known Vulnerabilities