Test ID:	1.3.6.1.4.1.25623.1.0.803991
Category:	Web application abuses
Title:	TYPO3 felogin Cross Site Scripting Vulnerability
Summary:	TYPO3 is prone to a cross-site scripting (XSS) vulnerability.
Description:	Summary: TYPO3 is prone to a cross-site scripting (XSS) vulnerability. Vulnerability Insight: An error exists in the front-end login box (felogin), which fails to validate certain user inputs Vulnerability Impact: Successful exploitation will allow remote attackers to steal the victim's cookie-based authentication credentials. Affected Software/OS: TYPO3 versions 4.2.0 to 4.2.6 Solution: Upgrade to TYPO3 version 4.2.7 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3634 BugTraq ID: 36801 http://www.securityfocus.com/bid/36801 http://marc.info/?l=oss-security&m=125632856206736&w=2 http://marc.info/?l=oss-security&m=125633199111438&w=2 http://secunia.com/advisories/37122 http://www.vupen.com/english/advisories/2009/3009 XForce ISS Database: typo3-login-xss(53926) https://exchange.xforce.ibmcloud.com/vulnerabilities/53926
Copyright	Copyright (C) 2013 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.