CVE-2013-7074 Information

Feb 14, 2021 cve

Description

Multiple cross-site scripting (XSS) vulnerabilities in Content Editing Wizards in TYPO3 4.5.x before 4.5.32 4.7.x before 4.7.17 6.0.x before 6.0.12 6.1.x before 6.1.7 and the development versions of 6.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters.

Reference

http://osvdb.org/100881 http://seclists.org/oss-sec/2013/q4/473 http://seclists.org/oss-sec/2013/q4/487 http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004 http://www.debian.org/security/2014/dsa-2834 http://www.securityfocus.com/bid/64245 https://exchange.xforce.ibmcloud.com/vulnerabilities/89620 contenteditingwizards-url-xss(89620)

Share on: