CVE-2010-3715

Name of the Vulnerable Software and Affected Versions TYPO3 versions 4.2.x through 4.2.14 TYPO3 versions 4.3.x through 4.3.6 TYPO3 versions 4.4.x through 4.4.3

Description The issue allows remote attackers to inject arbitrary web script or HTML via vectors related to the RemoveXSS function, and allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the backend. This can lead to a breach of protected information. The exploitation of the vulnerabilities can be carried out remotely.

Recommendations For versions 4.2.x through 4.2.14, update to version 4.2.15 or later. For versions 4.3.x through 4.3.6, update to version 4.3.7 or later. For versions 4.4.x through 4.4.3, update to version 4.4.4 or later.