vulnerability

Ubuntu: (CVE-2011-4626): typo3-src vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:P/A:N)	Nov 6, 2019	Nov 19, 2024	Mar 27, 2026

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:N)

Published

Nov 6, 2019

Added

Nov 19, 2024

Modified

Mar 27, 2026

Description

Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the "JSwindow" property of the typolink function.

Solution

ubuntu-upgrade-typo3-src

References

CVE-2011-4626
https://attackerkb.com/topics/CVE-2011-4626
CWE-79
EUVD-EUVD-2011-4548
http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-001/
https://euvd.enisa.europa.eu/vulnerability/EUVD-2011-4548
https://www.cve.org/CVERecord?id=CVE-2011-4626

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report