[SECURITY] XSS in Indexed Search statistics
authorSteffen Gebert <steffen.gebert@typo3.org>
Wed, 15 Aug 2012 10:18:20 +0000 (12:18 +0200)
committerOliver Hader <oliver.hader@typo3.org>
Wed, 15 Aug 2012 10:18:24 +0000 (12:18 +0200)
commit8c0b4dc66d4c22711f697b74d5c15fbaf7d07528
tree5e42fb13471089d7e5527450d21d53b9a9211fd4
parent4c8c0fdd6498c88a6de0e1250c10710fcbc82b4e
[SECURITY] XSS in Indexed Search statistics

Indexed Search statistics module is vulnerable to
persistent XSS attack injected by arbitrary frontend users.

Change-Id: I084bffd1e0b489e6f061f5672f7fb12b3bab1aee
Fixes: #31927
Releases: 6.0, 4.7, 4.6, 4.5
Security-Commit: 62ae11e97b563746bed0884d8f3d52d8fc3ea84a
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13746
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
typo3/sysext/indexed_search/modfunc2/class.tx_indexedsearch_modfunc2.php