Typo3 · Typo3 · CVE-2015-8755
**Name of the Vulnerable Software and Affected Versions**
TYPO3 versions 6.2.x through 6.2.15
TYPO3 versions 7.x through 7.5
**Description**
The issue allows remote authenticated editors to inject arbitrary web script or HTML. This is due to multiple cross-site scripting (XSS) vulnerabilities in unspecified backend components.
**Recommendations**
For TYPO3 versions 6.2.x through 6.2.15, update to version 6.2.16 or later.
For TYPO3 versions 7.x through 7.5, update to version 7.6.1 or later.