Vulnerabilities > Typo3 > Typo3 > 4.4.4

DATE CVE VULNERABILITY TITLE RISK
2012-05-21 CVE-2010-5098 Cross-Site Scripting vulnerability in Typo3
Cross-site scripting (XSS) vulnerability in the FORM content object in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
network
typo3 CWE-79
3.5
3.5
2012-05-21 CVE-2010-5097 Cross-Site Scripting vulnerability in Typo3
Cross-site scripting (XSS) vulnerability in the click enlarge functionality in TYPO3 4.3.x before 4.3.9 and 4.4.x before 4.4.5 when the caching framework is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
high complexity
typo3 CWE-79
2.6
2.6