CVE-2014-6296: WEC Map (wec_map) extension for TYPO3 allows Cross-site Scripting

May 17, 2022 (updated April 14, 2025)

Cross-site scripting (XSS) vulnerability in the WEC Map (wec_map) extension before 3.0.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

github.com/advisories/GHSA-mqhg-c7w9-w3cv
nvd.nist.gov/vuln/detail/CVE-2014-6296
typo3.org/security/advisory/typo3-ext-sa-2014-002

Code Behaviors & Features

Detect and mitigate CVE-2014-6296 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →