CVE-2012-1082

TYPO3 terminal <0.3.2 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in the Terminal PHP Shell (terminal) extension 0.3.2 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

References (3)

[Vendor Advisory] http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-001/

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/51849

[Third Party Advisory, VDB Entry] http://osvdb.org/78796

Scores

EPSS 0.0021

EPSS Percentile 43.0%

Classification

CWE

CWE-79

Status published

Affected Products (2)

typo3/terminal < 0.3.2

n/a/n/a

Timeline

Published Feb 14, 2012

Tracked Since Feb 18, 2026