CVE-2008-4903
Publication date 4 November 2008
Last updated 24 July 2024
Ubuntu priority
Cross-site scripting (XSS) vulnerability in the leave comment (feedback) feature in Typo 5.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) comment[author] (Name) and (2) comment[url] (Website) parameters.
Status
Package | Ubuntu Release | Status |
---|---|---|
typo3-src | 9.10 karmic |
Not affected
|
9.04 jaunty |
Not affected
|
|
8.10 intrepid |
Not affected
|
|
8.04 LTS hardy |
Not affected
|
|
7.10 gutsy | Ignored end of life, was needed | |
6.06 LTS dapper | Ignored end of life |