GHSA-qfr3-29w6-hwpg
Suggest an improvement- Source
- https://github.com/advisories/GHSA-qfr3-29w6-hwpg
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-qfr3-29w6-hwpg/GHSA-qfr3-29w6-hwpg.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-qfr3-29w6-hwpg
- Aliases
-
- CVE-2012-2112
- Published
- 2022-05-17T01:46:40Z
- Modified
- 2024-01-12T18:26:36.936187Z
- Summary
- Typo3 Exception Handler XSS
- Details
-
Cross-site scripting (XSS) vulnerability in the Exception Handler in TYPO3 4.4.x before 4.4.15, 4.5.x before 4.5.15, 4.6.x before 4.6.8, and 4.7 allows remote attackers to inject arbitrary web script or HTML via exception messages.
- Database specific
{ "nvd_published_at": "2012-08-27T21:55:00Z", "cwe_ids": [ "CWE-79" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2024-01-12T18:01:23Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2012-2112
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74920
- https://web.archive.org/web/20120421201555/http://www.securityfocus.com/bid/53047
- http://lists.typo3.org/pipermail/typo3-announce/2012/000241.html
- http://lists.typo3.org/pipermail/typo3-announce/2012/000242.html
- http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-002
- http://www.debian.org/security/2012/dsa-2455
- http://www.openwall.com/lists/oss-security/2012/04/17/5
- http://www.openwall.com/lists/oss-security/2012/04/18/1