Unrated severityNVD Advisory· Published Oct 7, 2011· Updated Jun 16, 2026
CVE-2010-4890
CVE-2010-4890
Description
Cross-site scripting (XSS) vulnerability in the Yet Another Calendar (ke_yac) extension before 1.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:andreas_kiefer:ke_yac:*:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:andreas_kiefer:ke_yac:*:*:*:*:*:*:*:*range: <=1.1.1
- cpe:2.3:a:andreas_kiefer:ke_yac:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:andreas_kiefer:ke_yac:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:andreas_kiefer:ke_yac:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:andreas_kiefer:ke_yac:1.1.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.