Chris Müller

#21353of 53,633
11.5Total CVSS
Vulnerabilities · 2
Medium
2
PT-2022-21714
5.4
2022-06-17
Typo3 · Typo3 · CVE-2022-33154
**Name of the Vulnerable Software and Affected Versions** TYPO3 schema extension versions prior to 1.13.1 TYPO3 schema extension versions 2.x prior to 2.5.1 **Description** The issue allows for XSS due to the failure to properly encode user input for output in HTML context. A TYPO3 backend user account is required to exploit this issue. **Recommendations** For versions prior to 1.13.1, update to version 1.13.1 or later. For versions 2.x prior to 2.5.1, update to version 2.5.1 or later.
PT-2022-21716
6.1
2022-06-17
Typo3 · Wp-Matomo Integration · CVE-2022-33156
**Name of the Vulnerable Software and Affected Versions** matomo integration extension versions prior to 1.3.2 **Description** The issue allows for XSS due to the extension's failure to properly encode user input for output in HTML context. A TYPO3 backend user account is required to exploit this issue. **Recommendations** For matomo integration extension versions prior to 1.3.2, update to version 1.3.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the extension to minimize the risk of exploitation.