Vulnerabilities > Typo3 > Fluid Engine

DATE CVE VULNERABILITY TITLE RISK
2020-10-08 CVE-2020-15241 Cross-site Scripting vulnerability in Typo3 Fluid Engine and Typo3
TYPO3 Fluid Engine (package `typo3fluid/fluid`) before versions 2.0.5, 2.1.4, 2.2.1, 2.3.5, 2.4.1, 2.5.5 or 2.6.1 is vulnerable to cross-site scripting when making use of the ternary conditional operator in templates like `{showFullName ? fullName : defaultValue}`.
network
low complexity
typo3 CWE-79
6.1