CVE-2008-5644

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in packagist/typo3/cms-backend

Identifiers

GHSA-733v-22mg-7f8w, CVE-2008-5644

Package Slug

packagist/typo3/cms-backend

Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Description

Cross-site scripting (XSS) vulnerability in the file backend module in TYPO3 4.2.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Affected Versions

Version 4.2.2

Solution

Upgrade to version 4.2.3 or above.

Last Modified

2024-02-12

source