Lucene search

Ubuntu.comUB:CVE-2013-7074

HistoryDec 21, 2013 - 12:00 a.m.

CVE-2013-7074

2013-12-2100:00:00

ubuntu.com

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

43.6%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Content Editing
Wizards in TYPO3 4.5.x before 4.5.32, 4.7.x before 4.7.17, 6.0.x before
6.0.12, 6.1.x before 6.1.7, and the development versions of 6.2 allow
remote authenticated users to inject arbitrary web script or HTML via
unspecified parameters.

Bugs

<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731999>

OSVersionArchitecturePackageVersionFilename
ubuntu13.04noarchtypo3-src< 4.5.19+dfsg1-5+wheezy2build0.13.04.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	13.04	noarch	typo3-src	< 4.5.19+dfsg1-5+wheezy2build0.13.04.1	UNKNOWN

References

www.openwall.com/lists/oss-security/2013/12/12

launchpad.net/bugs/cve/CVE-2013-7074

nvd.nist.gov/vuln/detail/CVE-2013-7074

security-tracker.debian.org/tracker/CVE-2013-7074

www.cve.org/CVERecord?id=CVE-2013-7074

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

43.6%

JSON

Related for UB:CVE-2013-7074