CVE-2015-8755

Published: Jan 8, 2016Modified: May 6, 2026

5.4

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Exploitability: 2.3 / Impact: 2.7

Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in unspecified backend components in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allow remote authenticated editors to inject arbitrary web script or HTML via unknown vectors.

Affected (39)

Products: Typo3: Typo3

Typo3

1 product

Typo3

Configuration A

39 vulnerable

Vulnerable Software	Affected Versions
Typo3 Typo3	Version 6.2.0
Typo3 Typo3	Version 6.2.0 alpha1
Typo3 Typo3	Version 6.2.0 alpha2
Typo3 Typo3	Version 6.2.0 alpha3
Typo3 Typo3	Version 6.2.0 beta1
Typo3 Typo3	Version 6.2.0 beta2
Typo3 Typo3	Version 6.2.0 beta3
Typo3 Typo3	Version 6.2.0 beta4
Typo3 Typo3	Version 6.2.0 beta5
Typo3 Typo3	Version 6.2.0 beta6
Typo3 Typo3	Version 6.2.0 beta7
Typo3 Typo3	Version 6.2.0 rc1
Typo3 Typo3	Version 6.2.0 rc2
Typo3 Typo3	Version 6.2.10
Typo3 Typo3	Version 6.2.10 rc1
Typo3 Typo3	Version 6.2.11
Typo3 Typo3	Version 6.2.12
Typo3 Typo3	Version 6.2.13
Typo3 Typo3	Version 6.2.14
Typo3 Typo3	Version 6.2.15
Typo3 Typo3	Version 6.2.1
Typo3 Typo3	Version 6.2.2
Typo3 Typo3	Version 6.2.3
Typo3 Typo3	Version 6.2.4
Typo3 Typo3	Version 6.2.5
Typo3 Typo3	Version 6.2.6
Typo3 Typo3	Version 6.2.7
Typo3 Typo3	Version 6.2.8
Typo3 Typo3	Version 6.2.9
Typo3 Typo3	Version 7.0.0
Typo3 Typo3	Version 7.0.2
Typo3 Typo3	Version 7.1.0
Typo3 Typo3	Version 7.2.0
Typo3 Typo3	Version 7.3.0
Typo3 Typo3	Version 7.3.1
Typo3 Typo3	Version 7.4.0
Typo3 Typo3	Version 7.5.0
Typo3 Typo3	Version 7.6.0
Typo3 Typo3	Version 7.6.1