Vulnerability Database
290,018
Total vulnerabilities in the database
TYPO3 Cross-Site Scripting in Filelist Module
It has been discovered that the output table listing in the “Files” backend module is vulnerable to cross-site scripting when a file extension contains malicious sequences.
Access to the file system of the server - either directly or through synchronization - is required to exploit the vulnerability.
| Software | From | Fixed in |
|---|---|---|
typo3 / cms-core
|
10.0.0 | 10.2.1 |
|
typo3 / cms-core
|
8.0.0 | 8.7.30 |
|
typo3 / cms-core
|
9.0.0 | 9.5.12 |