Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2023-47125 - Vulnerability Database
TYPO3

TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2023-47125

Medium
Reference: CVE-2023-47125
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-47125
Title: TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:

TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions DOM processing instructions are not handled correctly. This allows bypassing the cross-site scripting mechanism of typo3/html-sanitizer. This vulnerability has been addressed in versions 1.5.3 and 2.1.4. Users are advised to upgrade. There are no known workarounds for this vulnerability.