Cross-Site Scripting Vulnerability in air_filemanager Extension for TYPO3
CVE-2008-2344

Currently unrated

Key Information:

Vendor: Typo3
Status: Air Filemanager
Vendor: CVE Published:; 19 May 2008

What is CVE-2008-2344?

The air_filemanager extension for TYPO3 versions 0.6.0 and earlier contains a cross-site scripting (XSS) vulnerability that enables remote attackers to inject arbitrary web scripts or HTML into pages viewed by users. This vulnerability arises from unforeseen vectors that facilitate the exploitation of the application, thereby compromising user interactions and potentially leading to unauthorized data access or manipulation.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/42448

vdb-entryx_refsource_XF

http://typo3.org/teams/security/security-bulletins/typo3-...

x_refsource_CONFIRM

Timeline

Vulnerability published
May 19, 2008
Vulnerability Reserved
May 19, 2008

Typo3

What is CVE-2008-2344?

References

Timeline