Lucene search
GoogleOSV:CVE-2021-21358HistoryMar 23, 2021 - 2:15 a.m.
CVE-2021-21358
2021-03-2302:15:12
Google
osv.dev
4
typo3
form framework
cross-site scripting
vulnerability
web content management system
EPSS
0.001
Percentile
26.2%
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 10.4.14, 11.1.1 it has been discovered that the Form Designer backend module of the Form Framework is vulnerable to cross-site scripting. A valid backend user account with access to the form module is needed to exploit this vulnerability. This is fixed in versions 10.4.14, 11.1.1.
Related
osv
osv
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in typo3/cms-form
2021-03-23 01:54:06
BIT-typo3-2021-21358
2024-03-06 11:11:04
openvas
openvas
TYPO3 XSS Vulnerability (TYPO3-CORE-SA-2021-004)
2021-03-30 00:00:00
cve
cve
CVE-2021-21358
2021-03-23 02:15:12
veracode
veracode
Cross-site Scripting (XSS)
2021-03-24 03:32:42
friendsofphp
friendsofphp
TYPO3-CORE-SA-2021-004: Cross-Site Scripting in Form Framework
2021-03-16 08:59:55
TYPO3-CORE-SA-2021-004: Cross-Site Scripting in Form Framework
2021-03-16 08:59:55
nvd
nvd
CVE-2021-21358
2021-03-23 02:15:12
cvelist
cvelist
github
github
prion
prion
Cross site scripting
2021-03-23 02:15:00
typo3
typo3
Cross-Site Scripting in Form Framework
2021-03-16 00:00:00