[SECURITY] XSS in Indexed Search statistics
authorSteffen Gebert <steffen.gebert@typo3.org>
Wed, 15 Aug 2012 10:20:54 +0000 (12:20 +0200)
committerOliver Hader <oliver.hader@typo3.org>
Wed, 15 Aug 2012 10:21:01 +0000 (12:21 +0200)
commit06c16f87b44b00e4a34f5c56003a4a3569f4d03b
treebba1d2d65f78e306fd04ae925af256bdfe168757
parent51fe9e0fc3a15362c9fec9fdd68ca69d4ba3b5fc
[SECURITY] XSS in Indexed Search statistics

Indexed Search statistics module is vulnerable to
persistent XSS attack injected by arbitrary frontend users.

Change-Id: Ieb87cfff20a5e49522a2410d24a3b2ae141535a0
Fixes: #31927
Releases: 6.0, 4.7, 4.6, 4.5
Security-Commit: 9aa89980af0db90bfc535f4858fc61036c3d8170
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13766
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
typo3/sysext/indexed_search/modfunc2/class.tx_indexedsearch_modfunc2.php