Cross-site scripting (XSS) vulnerability in the Branchenbuch (aka Yellow Pages or mh_branchenbuch) extension before 0.9.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| martin_hesse | mh_branchenbuch | 0.8.2 |
| martin_hesse | mh_branchenbuch | * |
| martin_hesse | mh_branchenbuch | 0.8.1 |
| martin_hesse | mh_branchenbuch | 0.8.0 |
| martin_hesse | mh_branchenbuch | 0.7.95 |