Lucene search
GoogleOSV:GHSA-W3V6-R62R-FVQHHistoryMay 17, 2022 - 5:23 a.m.
Typo3 API XSS Vulnerabilities
2022-05-1705:23:54
Google
osv.dev
9
typo3
api
xss
vulnerabilities
t3lib_div::removexss
remote attackers
cross-site scripting
protection mechanism
html injection
non printable characters
software
EPSS
0.002
Percentile
58.5%
The t3lib_div::RemoveXSS API method in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allows remote attackers to bypass the cross-site scripting (XSS) protection mechanism and inject arbitrary web script or HTML via non printable characters.
Related
cve
cve
CVE-2012-1608
2012-09-04 20:55:01
nvd
nvd
CVE-2012-1608
2012-09-04 20:55:01
prion
prion
Cross site scripting
2012-09-04 20:55:00
ubuntucve
ubuntucve
CVE-2012-1608
2012-09-04 00:00:00
cvelist
cvelist
CVE-2012-1608
2012-09-04 20:00:00
github
github
Typo3 API XSS Vulnerabilities
2022-05-17 05:23:54
nessus
nessus
Debian DSA-2445-1 : typo3-src - several vulnerabilities
2012-04-02 00:00:00
debian
debian
[SECURITY] [DSA 2445-1] typo3-src security update
2012-03-31 11:12:27
openvas
openvas
Debian Security Advisory DSA 2445-1 (typo3-src)
2012-04-30 00:00:00
TYPO3 Multiple Vulnerabilities (Mar 2012)
2014-01-02 00:00:00
Debian: Security Advisory (DSA-2445-1)
2012-04-30 00:00:00
osv
osv
typo3-src - several
2012-03-31 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2445-1] typo3-src security update
2012-04-09 00:00:00
typo3
typo3
Several Vulnerabilities in TYPO3 Core
2012-03-28 00:00:00