[SECURITY] XSS in Indexed Search statistics
authorSteffen Gebert <steffen.gebert@typo3.org>
Wed, 15 Aug 2012 10:17:18 +0000 (12:17 +0200)
committerOliver Hader <oliver.hader@typo3.org>
Wed, 15 Aug 2012 10:17:20 +0000 (12:17 +0200)
commitccbbfc317935408475246aa51d8babc6d5ebb8ec
tree0c40a147b27e1642654be2e624c821d057fcbbf4
parentf0464572249391f6a56c0601797fcb5900c39eb2
[SECURITY] XSS in Indexed Search statistics

Indexed Search statistics module is vulnerable to
persistent XSS attack injected by arbitrary frontend users.

Change-Id: I9298b5d1808cef9d123d4b9c3867f1f55dfe4efe
Fixes: #31927
Releases: 6.0, 4.7, 4.6, 4.5
Security-Commit: f16df3528cb66183fd7371cf6a64f7f7da98dd74
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13736
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
typo3/sysext/indexed_search/modfunc2/class.tx_indexedsearch_modfunc2.php