CVE-2013-6289 – apache-solr-for-typo3/solr

Package

Manager: composer
Name: apache-solr-for-typo3/solr
Vulnerable Version: >=0 <2.8.3

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00359 pctl0.57331

Details

Apache Solr for TYPO3 (solr) extension is vulnerable to Cross-site scripting (XSS) Cross-site scripting (XSS) vulnerability in the Apache Solr for TYPO3 (solr) extension before 2.8.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Metadata

Created: 2022-05-17T04:58:35Z
Modified: 2023-08-29T18:50:33Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-xc7q-q62f-wcvr/GHSA-xc7q-q62f-wcvr.json
CWE IDs: ["CWE-79"]
Alternative ID: GHSA-xc7q-q62f-wcvr
Finding: F008
Auto approve: 1