CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2009-2104
https://notcve.org/view.php?id=CVE-2009-2104
Cross-site scripting (XSS) vulnerability in the Modern Guestbook / Commenting System (ve_guestbook) extension 2.7.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos cruzados(XSS) en la extensión Modern Guestbook / Comenting System (ve_guestbook) v2.7.1 y anteriores para TYPO3, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de vectores no especificados. • http://osvdb.org/55122 http://secunia.com/advisories/35483 http://typo3.org/extensions/repository/view/ve_guestbook/2.7.2 http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-009 http://www.securityfocus.com/bid/35397 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •