Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in fe_adminlib.inc in TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, as used in extensions such as (1) direct_mail_subscription, (2) feuser_admin, and (3) kb_md5fepw, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TYPO3 fe_adminlib.inc文件跨站脚本漏洞
Vulnerability Description
Typo3是开源内容管理系统(CMS)和内容管理框架(CMF)。 TYPO3 4.0.9 之前的 4.0.x, 4.1.7 之前的 4.1.x 以及 4.2.1之前的 4.2.x,TYPO3的fe_adminlib.inc文件没有正确过滤用户输入,可能导致跨站脚本攻击。使用有漏洞文件的常见TYPO3扩展包括: * direct_mail_subscription * feuser_admin * kb_md5fepw
CVSS Information
N/A
Vulnerability Type
N/A