Candidate: CVE-2013-7074
PublicDate: 2013-12-21 00:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7074
 http://www.openwall.com/lists/oss-security/2013/12/12
Description:
 Multiple cross-site scripting (XSS) vulnerabilities in Content Editing
 Wizards in TYPO3 4.5.x before 4.5.32, 4.7.x before 4.7.17, 6.0.x before
 6.0.12, 6.1.x before 6.1.7, and the development versions of 6.2 allow
 remote authenticated users to inject arbitrary web script or HTML via
 unspecified parameters.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731999
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_typo3-src:
upstream_typo3-src: released (4.5.32+dfsg1-1)
lucid_typo3-src: ignored (reached end-of-life)
precise_typo3-src: ignored (reached end-of-life)
precise/esm_typo3-src: DNE (precise was needed)
quantal_typo3-src: ignored (reached end-of-life)
raring_typo3-src: released (4.5.19+dfsg1-5+wheezy2build0.13.04.1)
saucy_typo3-src: ignored (reached end-of-life)
trusty_typo3-src: not-affected (4.5.32+dfsg1-1)
trusty/esm_typo3-src: DNE (trusty was not-affected [4.5.32+dfsg1-1])
utopic_typo3-src: not-affected (4.5.32+dfsg1-1)
vivid_typo3-src: not-affected (4.5.32+dfsg1-1)
vivid/stable-phone-overlay_typo3-src: DNE
vivid/ubuntu-core_typo3-src: DNE
wily_typo3-src: DNE
xenial_typo3-src: DNE
yakkety_typo3-src: DNE
zesty_typo3-src: DNE
devel_typo3-src: DNE