Back to search
CVE-2012-1608
Published: Sep 4, 2012
Modified: Sep 17, 2024
PUBLISHED
Description
The t3lib_div::RemoveXSS API method in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allows remote attackers to bypass the cross-site scripting (XSS) protection mechanism and inject arbitrary web script or HTML via non printable characters.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
48647
third-party-advisory
x_refsource_SECUNIA
[oss-security] 20120329 Re: CVE request: TYPO3-CORE-SA-2012-001
mailing-list
x_refsource_MLIST
DSA-2445
vendor-advisory
x_refsource_DEBIAN
80762
vdb-entry
x_refsource_OSVDB
52771
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now