Vulnerabilities > Typo3 > Fluid Engine > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-10-08 | CVE-2020-15241 | Cross-site Scripting vulnerability in Typo3 Fluid Engine and Typo3 TYPO3 Fluid Engine (package `typo3fluid/fluid`) before versions 2.0.5, 2.1.4, 2.2.1, 2.3.5, 2.4.1, 2.5.5 or 2.6.1 is vulnerable to cross-site scripting when making use of the ternary conditional operator in templates like `{showFullName ? fullName : defaultValue}`. | 4.3 |