TYPO3.CMS.SanitizeLocalUrl.XSS
Description
This indicates an attack attempt to exploit a Cross-Site Scripting vulnerability in Typo3 CMS.
The vulnerability is due improper validation when the affected application handles a maliciously crafted request. An attacker can exploit this by tricking an unsuspecting user into visiting a malicious crafted link and execute arbitrary code within the context of the target users' browser.
Affected Products
TYPO3 Association TYPO3 4.5.40 and prior
TYPO3 Association TYPO3 6.2.14 and prior
Impact
System Compromise: Remote attackers can execute arbitrary script code within the context of the target user's browser
Recommended Actions
Apply the most recent upgrade or patch from the vendor
https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2023-08-01 | 25.612 | Name:Typo3. CMS. SanitizeLocalUrl. XSS:TYPO3. CMS. SanitizeLocalUrl. XSS |