Required CVE Record Information
Description
Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 CMS 4.1.x before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4, and 4.4.x before 4.4.1 allow remote authenticated backend users to inject arbitrary web script or HTML via unspecified parameters to the extension manager, or unspecified parameters to unknown backend forms.
References 5 Total
- https://security-tracker.debian.org/tracker/CVE-2010-3659/
- openwall.com: [oss-security] 20140212 Re: Old CVE ids, public, but still mailing-list
- openwall.com: [oss-security] 20100928 CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel mailing-list
- securityfocus.com: 42029 vdb-entry
- https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-012/
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 5 Total
- https://security-tracker.debian.org/tracker/CVE-2010-3659/ x_transferred
- openwall.com: [oss-security] 20140212 Re: Old CVE ids, public, but still mailing-listx_transferred
- openwall.com: [oss-security] 20100928 CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel mailing-listx_transferred
- securityfocus.com: 42029 vdb-entryx_transferred
- https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-012/ x_transferred