CVE-2020-11064 in TYPO3Информация

Сводка (Английский)

In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.17 and greater than or equal to 10.0.0 and less than 10.4.2, it has been discovered that HTML placeholder attributes containing data of other database records are vulnerable to cross-site scripting. A valid backend user account is needed to exploit this vulnerability. This has been fixed in 9.5.17 and 10.4.2.

Ответственный

GitHub, Inc.

Резервировать

30.03.2020

Записи

VulDB provides additional information and datapoints for this CVE:

ИД	Уязвимость	CWE	Экс	Кон	CVE
155186	TYPO3 HTML Placeholder Attribute HTML injection	79	Не определено	Официальное исправление	CVE-2020-11064

Описание

CPE

CWE

CVSS

Эксплойты

История

Разница

Связать

Разведка угроз

API JSON

API XML

API CSV

◂ ПредыдущийОбзорДалее ▸

Want to know what is going to be exploited?

We predict KEV entries!