| Max CVSS | 4.3 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2013-7077 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Backend User Administration Module in TYPO3 6.0.x before 6.0.12 and 6.1.x before 6.1.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
29-08-2017 - 01:34 | 21-12-2013 - 00:55 | |
| CVE-2013-7076 | 4.3 |
Cross-site scripting (XSS) vulnerability in Extension Manager in TYPO3 4.5.x before 4.5.32 and 4.7.x before 4.7.17 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
29-08-2017 - 01:34 | 21-12-2013 - 00:55 | |
| CVE-2013-7074 | 3.5 |
Multiple cross-site scripting (XSS) vulnerabilities in Content Editing Wizards in TYPO3 4.5.x before 4.5.32, 4.7.x before 4.7.17, 6.0.x before 6.0.12, 6.1.x before 6.1.7, and the development versions of 6.2 allow remote authenticated users to inject
|
29-08-2017 - 01:34 | 21-12-2013 - 00:55 | |
| CVE-2013-7078 | 2.6 |
Cross-site scripting (XSS) vulnerability in the errorAction method in the ActionController base class in the Extbase Framework in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6, when the Rewritten Prop
|
29-08-2017 - 01:34 | 19-01-2014 - 18:55 | |
| CVE-2013-7073 | 4.0 |
The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 does not check permissions, which allows remote authenticated editors to read arbitrary TYPO3 table columns via u
|
28-11-2016 - 19:10 | 23-12-2013 - 23:55 |