Candidate: CVE-2015-8756
PublicDate: 2016-01-08 19:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8756
 http://www.securitytracker.com/id/1034486
 http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-015/
Description:
 Cross-site scripting (XSS) vulnerability in the search result view in the
 Indexed Search (indexed_search) component in TYPO3 6.2.x before 6.2.16
 allows remote authenticated editors to inject arbitrary web script or HTML
 via unspecified vectors.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N [5.4 MEDIUM]

Patches_typo3-src:
upstream_typo3-src: released (6.2.16)
precise_typo3-src: ignored (reached end-of-life)
precise/esm_typo3-src: DNE (precise was needs-triage)
trusty_typo3-src: ignored (reached end-of-life)
trusty/esm_typo3-src: DNE (trusty was needed)
vivid_typo3-src: ignored (reached end-of-life)
vivid/stable-phone-overlay_typo3-src: DNE
vivid/ubuntu-core_typo3-src: DNE
wily_typo3-src: DNE
xenial_typo3-src: DNE
yakkety_typo3-src: DNE
zesty_typo3-src: DNE
artful_typo3-src: DNE
bionic_typo3-src: DNE
cosmic_typo3-src: DNE
disco_typo3-src: DNE
devel_typo3-src: DNE