Unrated severityNVD Advisory· Published Jul 22, 2010· Updated Apr 29, 2026
CVE-2009-4953
CVE-2009-4953
Description
Cross-site scripting (XSS) vulnerability in the Userdata Create/Edit (sg_userdata) extension before 0.91.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Affected products
7cpe:2.3:a:stefan_geith:sg_userdata:0.90.210:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:stefan_geith:sg_userdata:0.90.210:*:*:*:*:*:*:*
- cpe:2.3:a:stefan_geith:sg_userdata:*:*:*:*:*:*:*:*range: <=0.90.300
- cpe:2.3:a:stefan_geith:sg_userdata:0.90.100:*:*:*:*:*:*:*
- cpe:2.3:a:stefan_geith:sg_userdata:0.90.101:*:*:*:*:*:*:*
- cpe:2.3:a:stefan_geith:sg_userdata:0.90.109:*:*:*:*:*:*:*
- cpe:2.3:a:stefan_geith:sg_userdata:0.90.111:*:*:*:*:*:*:*
- cpe:2.3:a:stefan_geith:sg_userdata:0.90.202:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- typo3.org/teams/security/security-bulletins/typo3-sa-2009-005/nvdPatchVendor Advisory
News mentions
0No linked articles in our index yet.