CVE-2013-5100

Name of the Vulnerable Software and Affected Versions TYPO3 extension div2007 versions prior to 0.10.2

Description A cross-site scripting issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is related to the t3lib div::quoteJSvalue function.

Recommendations For versions prior to 0.10.2, update to version 0.10.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the Static Methods since 2007 (div2007) extension until the update is applied.