Vulnerabilities > Typo3 > Medium

DATE CVE VULNERABILITY TITLE RISK
2016-01-08 CVE-2015-8759 Cross-site Scripting vulnerability in Typo3
Cross-site scripting (XSS) vulnerability in the typoLink function in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allows remote authenticated editors to inject arbitrary web script or HTML via a link field.
network
low complexity
typo3 CWE-79
5.4
5.4
2016-01-08 CVE-2015-8758 Cross-site Scripting vulnerability in Typo3
Multiple cross-site scripting (XSS) vulnerabilities in unspecified frontend components in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allow remote authenticated editors to inject arbitrary web script or HTML via unknown vectors.
network
low complexity
typo3 CWE-79
5.4
5.4
2016-01-08 CVE-2015-8757 Cross-site Scripting vulnerability in Typo3
Cross-site scripting (XSS) vulnerability in the Extension Manager in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to extension data during an extension installation.
network
low complexity
typo3 CWE-79
6.1
6.1
2016-01-08 CVE-2015-8756 Cross-site Scripting vulnerability in Typo3
Cross-site scripting (XSS) vulnerability in the search result view in the Indexed Search (indexed_search) component in TYPO3 6.2.x before 6.2.16 allows remote authenticated editors to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
typo3 CWE-79
5.4
5.4
2016-01-08 CVE-2015-8755 Cross-site Scripting vulnerability in Typo3
Multiple cross-site scripting (XSS) vulnerabilities in unspecified backend components in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allow remote authenticated editors to inject arbitrary web script or HTML via unknown vectors.
network
low complexity
typo3 CWE-79
5.4
5.4