Cross-site Scripting Vulnerability in Basic SEO Features for TYPO3
CVE-2012-5888

Currently unrated

Key Information:

Vendor: Benjamin Mack
Status: Seo Basics
Vendor: CVE Published:; 17 November 2012

🔔 Create Benjamin Mack Vulnerability Alert

What is CVE-2012-5888?

A cross-site scripting (XSS) vulnerability exists in the Basic SEO Features (seo_basics) extension for TYPO3, permitting remote attackers to inject arbitrary web scripts or HTML into affected installations. This flaw, present before version 0.8.2, can expose users to malicious content or phishing attacks. The vulnerability can be exploited through unspecified vectors, making it essential for site administrators to update to a secure version to protect their systems. For detailed information and remediation steps, please refer to the security bulletins and resources linked below.

References

http://forge.typo3.org/issues/35532

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/74483

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/52772

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 17, 2012
Vulnerability Reserved
Nov 17, 2012

CVE-2012-5888 Data

JSON