MidnightBSD

Advisories for faceted_search_project

CVE-2020-15517 LOW

The ke_search (aka Faceted Search) extension through 2.8.2, and 3.x through 3.1.3, for TYPO3 allows XSS.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
faceted_search_project faceted_search *
CVE-2023-35783

The ke_search (aka Faceted Search) extension before 4.0.3, 4.1.x through 4.6.x before 4.6.6, and 5.x before 5.0.2 for TYPO3 allows XSS via indexed data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 6.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L 2.8 3.4

Products Affected

Vendor Product Version
faceted_search_project faceted_search *