PublicDate: 2008-06-16 22:41:00 UTC
Candidate: CVE-2008-2718
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2718
Description:
 Cross-site scripting (XSS) vulnerability in fe_adminlib.inc in TYPO3 4.0.x
 before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, as used in
 extensions such as (1) direct_mail_subscription, (2) feuser_admin, and (3)
 kb_md5fepw, allows remote attackers to inject arbitrary web script or HTML
 via unspecified vectors.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_typo3-src:
upstream_typo3-src: released (4.1.7-1)
dapper_typo3-src: ignored (reached end-of-life)
feisty_typo3-src: needed (reached end-of-life)
gutsy_typo3-src: needed (reached end-of-life)
hardy_typo3-src: ignored (reached end-of-life)
intrepid_typo3-src: not-affected (4.2.1-1)
jaunty_typo3-src: not-affected (4.2.1-1)
karmic_typo3-src: not-affected (4.2.1-1)
lucid_typo3-src: not-affected (4.2.1-1)
maverick_typo3-src: not-affected (4.2.1-1)
natty_typo3-src: not-affected (4.2.1-1)
oneiric_typo3-src: not-affected (4.2.1-1)
devel_typo3-src: not-affected (4.2.1-1)