| Vulnerability Name: | CVE-2008-5656 (CCN-46591) | ||||||||
| Assigned: | 2008-11-13 | ||||||||
| Published: | 2008-11-13 | ||||||||
| Updated: | 2017-08-08 | ||||||||
| Summary: | Cross-site scripting (XSS) vulnerability in the frontend plugin for the felogin system extension in TYPO3 4.2.0, 4.2.1 and 4.2.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N) 3.6 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:UR)
3.6 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:UR)
| ||||||||
| Vulnerability Type: | CWE-79 | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2008-5656 Source: CCN Type: TYPO3 Web Site Download Source: CCN Type: TYPO3-20081113-2 Cross-Site Scripting vulnerability in TYPO3 Core Source: CONFIRM Type: UNKNOWN http://typo3.org/teams/security/security-bulletins/typo3-20081113-2/ Source: CCN Type: OSVDB ID: 50831 Felogin System Extension for TYPO3 Unspecified XSS Source: BID Type: UNKNOWN 32284 Source: CCN Type: BID-32284 TYPO3 Core Multiple Cross Site Scripting Vulnerabilities Source: XF Type: UNKNOWN typo3-felogin-xss(46591) Source: XF Type: UNKNOWN typo3-felogin-xss(46591) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||