CVE-2011-4629: XSS
First published: Wed Nov 06 2019(Updated: )
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the admin panel.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Typo3 Typo3 | >=4.5.0<4.5.4 | |
| Typo3 Typo3 | >=4.3.0<4.3.12 | |
| Typo3 Typo3 | >=4.4.0<4.4.9 | |
| debian/typo3-src |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2011-4629?
The severity of CVE-2011-4629 is medium (5.4).
How does CVE-2011-4629 affect TYPO3?
CVE-2011-4629 affects TYPO3 versions before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4.
How does CVE-2011-4629 allow attackers to exploit TYPO3?
CVE-2011-4629 allows remote attackers to inject arbitrary web script or HTML via the admin panel in TYPO3.
What is the Common Vulnerabilities and Exposures (CVE) ID for this vulnerability?
The Common Vulnerabilities and Exposures (CVE) ID for this vulnerability is CVE-2011-4629.
Where can I find more information about CVE-2011-4629?
You can find more information about CVE-2011-4629 at the following references: [1](https://security-tracker.debian.org/tracker/CVE-2011-4629) and [2](https://typo3.org/security/advisory/typo3-core-sa-2011-001/#XSS).
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/tags
- agent/event
- collector/security-tracker-debian
- source/Debian
- agent/software-canonical-lookup
- vendor/typo3
- canonical/typo3 typo3
- version/typo3 typo3/4.5.0
- version/typo3 typo3/4.3.0
- version/typo3 typo3/4.4.0
- package-manager/debian