GHSA-xvx2-wqf5-jjgv
Suggest an improvement- Source
- https://github.com/advisories/GHSA-xvx2-wqf5-jjgv
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-xvx2-wqf5-jjgv/GHSA-xvx2-wqf5-jjgv.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-xvx2-wqf5-jjgv
- Aliases
-
- CVE-2008-5656
- Published
- 2022-05-17T02:17:20Z
- Modified
- 2025-04-09T21:42:09.252931Z
- Severity
-
- 2.1 (Low) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P CVSS Calculator
- Summary
- typo3/cms-felogin Cross-site Scripting vulnerability
- Details
-
Cross-site scripting (XSS) vulnerability in the frontend plugin for the felogin system extension in TYPO3 4.2.0, 4.2.1 and 4.2.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
- Database specific
{ "nvd_published_at": "2008-12-17T20:30:00Z", "cwe_ids": [ "CWE-79" ], "severity": "LOW", "github_reviewed": true, "github_reviewed_at": "2025-04-09T21:14:18Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2008-5656
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46591
- https://github.com/TYPO3-CMS/felogin
- https://web.archive.org/web/20090701000000*/http://typo3.org/teams/security/security-bulletins/typo3-20081113-2
- https://web.archive.org/web/20210214231108/https://www.securityfocus.com/bid/32284
Affected packages
Packagist / typo3/cms-felogin
Package
- Name
- typo3/cms-felogin
- Purl
- pkg:composer/typo3/cms-felogin