Security Advisory

CVE-2024-34356

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-05-14 14:05:19

Last updated 2024-08-02 02:51:11

Assigner GitHub_M

State PUBLISHED

Description

TYPO3 is an enterprise content management system. Starting in version 9.0.0 and prior to versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, and 13.1.1, the form manager backend module is vulnerable to cross-site scripting. Exploiting this vulnerability requires a valid backend user account with access to the form module. TYPO3 versions 9.5.48 ELTS, 10.4.45 ELTS, 11.5.37 LTS, 12.4.15 LTS, and 13.1.1 fix the problem described.

← Browse all CVEs View on cve.org ↗