Cross-Site Scripting Vulnerability in eluna Page Comments Extension for TYPO3
CVE-2008-5795

Currently unrated

Key Information:

Vendor

Typo3

Status
Eluna Page Comments Extension
Vendor
CVE Published:
31 December 2008

What is CVE-2008-5795?

The eluna Page Comments extension for TYPO3 is susceptible to a Cross-Site Scripting attack, allowing attackers to inject arbitrary web scripts or HTML into webpages. This vulnerability affects version 1.1.2 and earlier, and exploitation could enable unauthorized actions on behalf of users, compromise of user credentials, and other malicious activities. Proper sanitization of user input is essential to mitigate this issue.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/46467
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/32228
vdb-entryx_refsource_BID
http://secunia.com/advisories/32638
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.