CVE-2014-6237
Cross-site scripting (XSS) vulnerability in the News Pack extension 0.1.0 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0021 (0.2%)
Percentil: 43.0%
EPSS: 2026-05-06
Afecta
news_pack_project:news_packDescripción técnica
Cross-site scripting (XSS) vulnerability in the News Pack extension 0.1.0 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Publicada: 11/9/2014, 14:16:05
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010
- http://www.securityfocus.com/bid/69567
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95708
- http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010
- http://www.securityfocus.com/bid/69567
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95708