RedhatCVELIST:CVE-2010-5100

HistoryMay 21, 2012 - 8:00 p.m.

CVE-2010-5100

2012-05-2120:00:00

redhat

www.cve.org

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.2%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the Install Tool in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

References

secunia.com/advisories/35770

typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022/

www.openwall.com/lists/oss-security/2011/01/13/2

www.openwall.com/lists/oss-security/2012/05/10/7

www.openwall.com/lists/oss-security/2012/05/11/3

www.osvdb.org/70120

www.securityfocus.com/bid/45470

exchange.xforce.ibmcloud.com/vulnerabilities/64181