PT-2016-4005 · Typo3 · Typo3
Heiko Kromm
·
Published
2016-01-08
·
Updated
2022-05-17
·
CVE-2015-8760
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
TYPO3 versions 6.2.x through 6.2.15
Description
The issue allows remote attackers to embed Flash videos from external domains, which is referred to as "Cross-Site Flashing."
Recommendations
For versions 6.2.x through 6.2.15, update to version 6.2.16 or later to resolve the issue.
Fix
Open Redirect
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Typo3