Cross site scripting

2009-04-1022:00:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.2%

JSON

Cross-site scripting (XSS) vulnerability in DCD GoogleMap (dcdgooglemap) 1.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

CPENameOperatorVersion
dcdgooglemaple1.1.0
dcdgooglemapeq1.0.0
dcdgooglemapeq1.0.1
dcdgooglemapeq1.0.2
dcdgooglemapeq1.1.1

Name	Operator	Version
dcdgooglemap	le	1.1.0
dcdgooglemap	eq	1.0.0
dcdgooglemap	eq	1.0.1
dcdgooglemap	eq	1.0.2
dcdgooglemap	eq	1.1.1

References

osvdb.org/46378

osvdb.org/46384

secunia.com/advisories/30773

typo3.org/extensions/repository/view/dcdgooglemap/1.1.1/

typo3.org/teams/security/security-bulletins/typo3-20080619-1/

www.securityfocus.com/bid/29815

exchange.xforce.ibmcloud.com/vulnerabilities/43199