CVE-2013-7074
Published: 21 December 2013
Multiple cross-site scripting (XSS) vulnerabilities in Content Editing Wizards in TYPO3 4.5.x before 4.5.32, 4.7.x before 4.7.17, 6.0.x before 6.0.12, 6.1.x before 6.1.7, and the development versions of 6.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters.
Priority
Status
Package | Release | Status |
---|---|---|
typo3-src Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
precise |
Ignored
(end of life)
|
|
quantal |
Ignored
(end of life)
|
|
raring |
Released
(4.5.19+dfsg1-5+wheezy2build0.13.04.1)
|
|
saucy |
Ignored
(end of life)
|
|
trusty |
Does not exist
(trusty was not-affected [4.5.32+dfsg1-1])
|
|
upstream |
Released
(4.5.32+dfsg1-1)
|
|
utopic |
Not vulnerable
(4.5.32+dfsg1-1)
|
|
vivid |
Not vulnerable
(4.5.32+dfsg1-1)
|
|
wily |
Does not exist
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|