1 results (0.003 seconds)

CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0

An XSS issue was discovered in the google_for_jobs (aka Google for Jobs) extension before 1.5.1 and 2.x before 2.1.1 for TYPO3. The extension fails to properly encode user input for output in HTML context. A TYPO3 backend user account is required to exploit the vulnerability. Se ha detectado un problema de tipo XSS en la extensión google_for_jobs (también se conoce como Google for Jobs) versiones anteriores a 1.5.1 y versiones 2.x anteriores a 2.1.1 para TYPO3. La extensión no codifica correctamente la entrada del usuario para la salida en el contexto HTML. • https://typo3.org/security/advisory/typo3-ext-sa-2021-015 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •