Unrated severityNVD Advisory· Published Sep 28, 2006· Updated Jun 16, 2026

CVE-2006-5069

Description

Cross-site scripting (XSS) vulnerability in class.tx_indexedsearch.php in the Indexed Search 2.9.0 extension for Typo3 before 4.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

TYPO3/Typo32 versions
cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*range: <=4.0.1
- cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*
Mischa Heissmann/No Indexed Searchllm-fuzzy
Range: =2.9.0

Patches

Vulnerability mechanics

References

secunia.com/advisories/22071nvdPatchVendor Advisory
typo3.org/teams/security/security-bulletins/typo3-20060911-1/nvdPatch
www.securityfocus.com/bid/20173nvdPatch
marc.infonvd
securityreason.com/securityalert/1646nvd
www.securityfocus.com/archive/1/446885/100/0/threadednvd
www.vupen.com/english/advisories/2006/3782nvd
exchange.xforce.ibmcloud.com/vulnerabilities/29128nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000