GHSA-cg45-qgcf-hf9x, CVE-2010-3660
packagist/typo3/cms-backend
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS on the backend.
All versions before 4.1.14, all versions starting from 4.2.0 before 4.2.13, all versions starting from 4.3.0 before 4.3.4, all versions starting from 4.4.0 before 4.4.1
Upgrade to versions 4.1.14, 4.2.13, 4.3.4, 4.4.1 or above.
2024-02-07
source |