1 results (0.003 seconds)

CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0

Cross-site scripting (XSS) vulnerability in the KJ: Imagelightbox (kj_imagelightbox2) extension 2.0.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-2490. Vulnerabilidad de ejecución de comandos en sitios cruzados(XSS) en la extensión de TYPO3 "KJ: Imagelightbox" (kj_imagelightbox2) v2.0.0 y anteriores permite a atacantes remotos inyectar HTML o scripts web a través de vectores no especificados. Se trata de una vulnerabilidad distinta a CVE-2008-2490. • http://secunia.com/advisories/38165 http://typo3.org/extensions/repository/view/kj_imagelightbox2/2.0.2 http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •