Intrusion PreventionTYPO3.BodyTag.URI.XSS
Description
This indicates an attack attempt against a cross-site scripting (XSS) vulnerability in Typo3.
A vulnerability has been reported in Typo3 that may allow an attacker to execute script codes on a vulnerable system. This is due to its insecure encryption mechanism that can be easily bypassed by an attacker resulting to various attacks such as XSS.
Affected Products
TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3
Impact
System Compromise: Remote attackers can gain control of the vulnerable system.
Recommended Actions
Update to Typo3 version 4.0.10, 4.1.8, or 4.2.4.
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2023-08-01 | 25.612 | Name:Typo3. BodyTag. URI. XSS:TYPO3. BodyTag. URI. XSS |
| 2021-01-11 | 16.995 |
| ID | 17296 |
| Created | Mar 19, 2009 |
| Updated | Jul 31, 2023 |
| Risk |
|
| CVE ID | CVE-2009-0255 |
| Exploit Prediction Score | 2.24% |
| Default Action | drop |
| Active | |
| Affected OS | Linux |
| Affected App | Other |