CVE-2012-1606

Name of the Vulnerable Software and Affected Versions TYPO3 versions 4.4.0 through 4.4.13 TYPO3 versions 4.5.0 through 4.5.13 TYPO3 versions 4.6.0 through 4.6.6 TYPO3 version 4.7 TYPO3 version 6.0

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the Backend component. These vulnerabilities allow remote authenticated backend users to inject arbitrary web script or HTML. The estimated number of potentially affected devices and details about real-world incidents are not specified.

Recommendations For TYPO3 versions 4.4.0 through 4.4.13, update to a version outside of this range to resolve the issue. For TYPO3 versions 4.5.0 through 4.5.13, update to a version outside of this range to resolve the issue. For TYPO3 versions 4.6.0 through 4.6.6, update to a version outside of this range to resolve the issue. For TYPO3 version 4.7, update to a version outside of this range to resolve the issue. For TYPO3 version 6.0, update to a version outside of this range to resolve the issue.