Lucene search

K

Veracode Vulnerability DatabaseVERACODE:47544

HistoryJun 14, 2024 - 5:52 a.m.

Cross-site Scripting (XSS)

2024-06-1405:52:04

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

5

cross-site scripting

typo3/cms

file extensions

output table

server's file system

AI Score

6.4

Confidence

High

typo3/cms is vulnerable to cross-site scripting (XSS). The vulnerability is due to improper handling of file extensions containing malicious sequences in the output table listing, which requires access to the server’s file system either directly or through synchronization to exploit.

AI Score

6.4

Confidence

High