CVE-2014-6237
Cross-site scripting (XSS) vulnerability in the News Pack extension 0.1.0 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
View on NVDSeverity
N/A
EPSS
Probability of exploitation (next 30 days): 0.0021 (0.2%)
Percentile: 43.0%
EPSS: 2026-05-06
Affects
news_pack_project:news_packTechnical description
Cross-site scripting (XSS) vulnerability in the News Pack extension 0.1.0 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Published: 9/11/2014, 2:16:05 PM
Last modified: 5/6/2026, 10:30:45 PM
References
- http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010
- http://www.securityfocus.com/bid/69567
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95708
- http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010
- http://www.securityfocus.com/bid/69567
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95708