VYPR
Low severityNVD Advisory· Published Oct 3, 2014· Updated Jun 17, 2026

CVE-2014-6296

CVE-2014-6296

Description

Cross-site scripting (XSS) vulnerability in the WEC Map (wec_map) extension before 3.0.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
web-tp3/wec_mapPackagist
< 3.0.33.0.3
jbartels/wec-mapPackagist
< 3.0.33.0.3

Affected products

5
  • cpe:2.3:a:wec_map_project:wec_map:3.0.0:*:*:*:*:typo3:*:*+ 2 more
    • cpe:2.3:a:wec_map_project:wec_map:3.0.0:*:*:*:*:typo3:*:*
    • cpe:2.3:a:wec_map_project:wec_map:3.0.1:*:*:*:*:typo3:*:*
    • cpe:2.3:a:wec_map_project:wec_map:*:*:*:*:*:typo3:*:*range: <=3.0.2
  • ghsa-coords2 versions
    < 3.0.3+ 1 more
    • (no CPE)range: < 3.0.3
    • (no CPE)range: < 3.0.3

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.