Vulnerabilities > Typo3 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-10-28 | CVE-2013-6289 | Cross-Site Scripting vulnerability in Ingo Renner Apache Solr Cross-site scripting (XSS) vulnerability in the Apache Solr for TYPO3 (solr) extension before 2.8.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2013-08-23 | CVE-2013-5570 | Cross-Site Scripting vulnerability in Axel Jung JS CSS Optimizer Cross-site scripting (XSS) vulnerability in the Javascript and CSS Optimizer extension before 1.1.14 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2013-08-20 | CVE-2013-5323 | Cross-Site Scripting vulnerability in Stanislas Rolland Static Info Tables Cross-site scripting (XSS) vulnerability in the Static Info Tables (static_info_tables) extension before 2.3.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2013-08-16 | CVE-2013-5308 | Cross-Site Scripting vulnerability in Juralsulek Realurlmanagement Cross-site scripting (XSS) vulnerability in the RealURL Management (realurlmanagement) extension 0.3.4 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2013-08-16 | CVE-2013-5307 | Cross-Site Scripting vulnerability in Kennziffer KE Search Cross-site scripting (XSS) vulnerability in the Faceted Search (ke_search) extension before 1.4.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2013-08-16 | CVE-2013-5305 | Cross-Site Scripting vulnerability in Joachim Ruhs Locator Cross-site scripting (XSS) vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2013-07-20 | CVE-2013-4871 | Cross-Site Request Forgery (CSRF) vulnerability in Markus Blaschke TQ SEO 5.0.0 Cross-site request forgery (CSRF) vulnerability in the TEQneers SEO Enhancements (tq_seo) extension before 5.0.1 for TYPO3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
| 2013-07-01 | CVE-2013-4749 | Cross-Site Scripting vulnerability in Usertask Center Messaging Project Usertask Center Messaging Cross-site scripting (XSS) vulnerability in the UserTask Center, Messaging (sys_messages) extension 1.1.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2013-07-01 | CVE-2013-4747 | Cross-Site Scripting vulnerability in Kasper Skarhoj Accessible IS Browse Results 1.2.1 Cross-site scripting (XSS) vulnerability in the Accessible browse results for indexed search (accessible_is_browse_results) extension 1.2.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2013-07-01 | CVE-2013-4746 | Cross-Site Scripting vulnerability in Kurt Gusbeth Myquizpoll Cross-site scripting (XSS) vulnerability in the My quiz and poll (myquizpoll) extension before 2.0.6 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |