CVE-2008-5656: typo3/cms-felogin Cross-site Scripting vulnerability

May 17, 2022 (updated April 9, 2025)

Cross-site scripting (XSS) vulnerability in the frontend plugin for the felogin system extension in TYPO3 4.2.0, 4.2.1 and 4.2.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

References

exchange.xforce.ibmcloud.com/vulnerabilities/46591
github.com/TYPO3-CMS/felogin
github.com/advisories/GHSA-xvx2-wqf5-jjgv
nvd.nist.gov/vuln/detail/CVE-2008-5656
web.archive.org/web/20090701000000*/http://typo3.org/teams/security/security-bulletins/typo3-20081113-2
web.archive.org/web/20210214231108/https://www.securityfocus.com/bid/32284

Code Behaviors & Features

Detect and mitigate CVE-2008-5656 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →