logo

Database

Reflected cross-site scripting (XSS) In typo3/cms

Description

Cross-Site Scripting in TYPO3 CMS Failing to properly encode user input, several places of the TYPO3 CMS are vulnerable to Cross-Site Scripting.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. GCVE-GHSA-5gr6-97fv-52cc

References

1. https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2017-02-28-2.yaml2. https://typo3.org/security/advisory/typo3-core-sa-2017-003

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.

FLAT-P9506 – Vulnerability | Fluid Attacks Database