Name of the Vulnerable Software and Affected Versions: TYPO3 (affected versions not specified)

Description: The issue concerns Cross-Site Scripting where authorized editors can insert javascript commands by using the url scheme javascript: in all link fields within the TYPO3 installation.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.