CVE-2008-4661

Description

Cross-site scripting (XSS) vulnerability in the Page Improvements (sm_pageimprovements) 1.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Related CPE's

atypo3typo3********

atypo3page_improvements********

References

http://typo3.org/extensions/repository/view/sm_pageimprovements/0.3.0/info/ChangeLog/

PatchVendor Advisory

http://typo3.org/teams/security/security-bulletins/typo3-20081020-1/

Patch

ADV-2008-2870

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version

2.0

VectorString

AV:N/AC:M/Au:N/C:N/I:P/A:N

AccessVector

NETWORK

AccessComplexity

MEDIUM

Authentication

NONE

ConfidentialityImpact

NONE

IntegrityImpact

PARTIAL

AvailabilityImpact

NONE

BaseScore

4.300000190734863

Created by Yello
About Severity.io