PT-2025-11683 · Packagist · Codingms/Additional-Tca

Published

2025-03-19

Updated

2025-03-19

CVE-2025-30083

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

A cross-site scripting (XSS) vulnerability has been discovered in the Additional TCA extension. This vulnerabily is exploitable by a logged in backend user utilizing the TYPO3 backend user interface. This user can create output in the HTML context by exploiting improperly encoded user input. Updates 1.15.17 and 1.16.9 are available for download.

Exploit

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2025-30083

GHSA-RRH3-CGMX-W62F

Affected Products

Codingms/Additional-Tca

PT-2025-11683 · Packagist · Codingms/Additional-Tca

CVE-2025-30083

Weakness Enumeration

Related Identifiers

Affected Products

References · 4