Cross-Site Scripting (XSS) Vulnerability in ke_search Extension for TYPO3

Cross-Site Scripting (XSS) Vulnerability in ke_search Extension for TYPO3

CVE-2023-35783 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

The ke_search (aka Faceted Search) extension before 4.0.3, 4.1.x through 4.6.x before 4.6.6, and 5.x before 5.0.2 for TYPO3 allows XSS via indexed data.

Learn more about our Web Application Penetration Testing UK.