CVE-2011-4626

State: PUBLISHED · Published: 2019-11-06 · Updated: 2024-08-07 · Assigner: redhat

Description

Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the "JSwindow" property of the typolink function.

CWE

(none)

Affected

TYPO3 / TYPO3 — v=before 4.5.4 [affected]

CVSS

(none)

References

https://security-tracker.debian.org/tracker/CVE-2011-4626 x_refsource_MISC
https://typo3.org/security/advisory/typo3-core-sa-2011-001/#XSS x_refsource_CONFIRM

Source

cvelistV5-main/cves/2011/4xxx/CVE-2011-4626.json