PT-2023-10351 · Typo3 · Mback2K Mh Httpbl Extension

Nicole Cordes · Published 2023-06-01 · Updated 2024-08-06 · CVE-2016-15032

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: mback2k mh_httpbl Extension versions 1.1.7 and earlier

Description: A vulnerability classified as problematic has been found in the mback2k mh_httpbl Extension on TYPO3. It affects the function stopOutput in the file class.tx_mhhttpbl.php. Manipulation of the argument $_SERVER['REMOTE_ADDR'] leads to cross-site scripting. The attack can be initiated remotely. This issue only affects products that are no longer supported by the maintainer.

Recommendations: For versions 1.1.7 and earlier, upgrade to version 1.1.8 to address this issue. As a temporary workaround, consider restricting access to the stopOutput function of the class.tx_mhhttpbl.php file until the upgrade is applied. Additionally, be cautious when using the $_SERVER['REMOTE_ADDR'] argument to minimize the risk of exploitation.

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2016-15032

Affected Products

Mback2K Mh Httpbl Extension