Cross-Site Scripting Vulnerability in TYPO3 Category-System Extension
CVE-2012-1073

Currently unrated

Key Information:

Vendor: Typo3
Status: Toi Category
Vendor: CVE Published:; 14 February 2012

What is CVE-2012-1073?

A cross-site scripting vulnerability exists in the Category-System extension for TYPO3, specifically affecting version 0.6.0 and earlier. This flaw allows remote attackers to inject malicious web scripts or HTML through unspecified vectors, potentially compromising the security of websites utilizing this extension. Administrators are urged to review and apply available mitigations to protect their systems from exploitation.

References

http://typo3.org/teams/security/security-bulletins/typo3-...

x_refsource_MISC

http://www.securityfocus.com/bid/51834

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/72957

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Feb 14, 2012
Vulnerability Reserved
Feb 14, 2012

Typo3

What is CVE-2012-1073?

References

Timeline