CVE-2006-5069

Name of the Vulnerable Software and Affected Versions Typo3 versions prior to 4.0.2 Indexed Search extension version 2.9.0

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML. This is achieved by manipulating the search parameter.

Recommendations For Typo3 versions prior to 4.0.2, update to version 4.0.2 or later to resolve the issue. For Indexed Search extension version 2.9.0, consider disabling the search functionality until a patched version is available.