Mend Vulnerability Database
What is a CVE vulnerability ID? What is a WS vulnerability ID?New vulnerability? Tell us about it!
We found results for “”
Good to know:
Date: February 16, 2016
Cross-Site Scripting (XSS) in TYPO3 6.2.x before 6.2.18 and 7.6.x before 7.6.3. Failing to sanitize content from editors, the link validator component is susceptible to Cross-Site Scripting. A valid editor account with access to content which is scanned by the link validator component is required to exploit this vulnerability.
Weakness Type (CWE)
Cross-Site Scripting (XSS)CWE-79
Upgrade to version TYPO3_6-2-18,TYPO3_7-6-3
|Attack Vector (AV):||NETWORK|
|Attack Complexity (AC):||LOW|
|Privileges Required (PR):||LOW|
|User Interaction (UI):||REQUIRED|