N/A

CVSS Score

Basic Information

CVE ID

GHSA ID

GHSA-wh8q-72cp-p5wf

EPSS Score

CWE

Published

6/3/2024

Updated

6/3/2024

KEV Status

Technology

PHP

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

GHSA-wh8q-72cp-p5wf

GHSA-wh8q-72cp-p5wf: Cross-Site Scripting in TYPO3 component Indexed Search

Failing to properly encode editor input, the search result view of indexed_search is susceptible to Cross-Site Scripting, allowing authenticated editors to inject arbitrary HTML.

(GitHub Advisory)

N/A

CVSS Score

Basic Information

CVE ID

GHSA ID

GHSA-wh8q-72cp-p5wf

EPSS Score

CWE

Published

6/3/2024

Updated

6/3/2024

KEV Status

Technology

PHP

Technical Details

CVSS Vector

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
typo3/cms	composer	>= 6.2.0, < 6.2.16	6.2.16

Vulnerability Intelligence
Miggo AI

Root Cause Analysis:

In progress

WAF Protection Rules

WAF Rule

**ilin* to prop*rly *n*o** **itor input, t** s**r** r*sult vi*w o* in**x**_s**r** is sus**pti*l* to *ross-Sit* S*riptin*, *llowin* *ut**nti**t** **itors to inj**t *r*itr*ry *TML.

Reasoning

No *n*lysis *v*il**l*

N/A

Basic Information

Concerned about an active attack path?

GHSA-wh8q-72cp-p5wf: Cross-Site Scripting in TYPO3 component Indexed Search

N/A

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI