Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2022-31049 - Vulnerability Database
TYPO3

TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2022-31049

Medium
Reference: CVE-2022-31049
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2022-31049
Title: TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:

TYPO3 is an open source web content management system. Prior to versions 9.5.34 ELTS 10.4.29 and 11.5.11 user submitted content was used without being properly encoded in HTML emails sent to users. The actually affected components were mail clients used to view those messages. TYPO3 versions 9.5.34 ELTS 10.4.29 and 11.5.11 contain a fix for the problem.