Security Advisory

CVE-2020-11070

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-05-13 18:40:11

Last updated 2024-08-04 11:21:14

Assigner GitHub_M

State PUBLISHED

Description

The SVG Sanitizer extension for TYPO3 has a cross-site scripting vulnerability in versions before 1.0.3. Slightly invalid or incomplete SVG markup is not correctly processed and thus not sanitized at all. Albeit the markup is not valid it still is evaluated in browsers and leads to cross-site scripting. This is fixed in version 1.0.3.

← Browse all CVEs View on cve.org ↗