Christian Welzel
2008-Nov-11 18:46 UTC
[Secure-testing-team] Bug#505324: typo3-src: Cross-Site Scripting (XSS) in BE module fileadmin
Package: typo3-src Version: 4.2.2 Severity: grave Tags: security Justification: user security hole the version 4.2.2 of typo3 is vulnerable to a xss attack in the backend modul "fileadmin". -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (650, ''testing''), (600, ''unstable'') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-1-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash