[CVE-2015-5956] Typo3 Core sanitizeLocalUrl() Non-Persistent Cross-Site Scripting

September 16, 2015 007admin Leave a comment

Posted by Ahrens, Julien on Sep 15

secunet Security Networks AG Security Advisory

Advisory: Typo3 Core sanitizeLocalUrl() Non-Persistent Cross-Site Scripting

1. DETAILS
———-
Product: Typo3 CMS
Vendor URL: typo3.org
Type: Cross-site Scripting[CWE-79]
Date found: 2015-07-30
Date published: 2015-09-14
CVSSv2 Score: 3,5 (AV:N/AC:M/Au:S/C:N/I:P/A:N)
CVE: CVE-2015-5956

2. AFFECTED VERSIONS
——————–
Typo3 6.2.14 and…

007 Software

[CVE-2015-5956] Typo3 Core sanitizeLocalUrl() Non-Persistent Cross-Site Scripting

Leave a Reply Cancel reply

Software and Security Information