PT-2020-14473 · Typo3 · Mm Forum
David Haas
·
Published
2020-07-07
·
Updated
2021-07-21
·
CVE-2020-15516
CVSS v2.0
5.8
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
mm forum extension for TYPO3 versions through 1.9.5
Description
The issue allows for XSS that can be exploited via CSRF.
Recommendations
For versions through 1.9.5, update to a version later than 1.9.5 to resolve the issue.
Fix
XSS
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Mm Forum