CVE-2014-3943 Information

Feb 14, 2021 cve

Description

Multiple cross-site scripting (XSS) vulnerabilities in unspecified backend components in TYPO3 4.5.0 before 4.5.34 4.7.0 before 4.7.19 6.0.0 before 6.0.14 6.1.0 before 6.1.9 and 6.2.0 before 6.2.3 allow remote authenticated editors to inject arbitrary web script or HTML via unknown parameters.

Reference

http://lists.opensuse.org/opensuse-updates/2014-06/msg00037.html http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/ http://www.debian.org/security/2014/dsa-2942 http://www.openwall.com/lists/oss-security/2014/06/03/2 http://www.securityfocus.com/bid/67625

Share on: