VYPR
Medium severity6.1NVD Advisory· Published Jan 23, 2017· Updated Jun 17, 2026

CVE-2016-4056

CVE-2016-4056

Description

Cross-site scripting (XSS) vulnerability in the Backend component in TYPO3 6.2.x before 6.2.19 allows remote attackers to inject arbitrary web script or HTML via the module parameter when creating a bookmark.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
typo3/cmsPackagist
>= 6.2.0, < 6.2.196.2.19

Affected products

33
  • TYPO3/Typo332 versions
    cpe:2.3:a:typo3:typo3:6.2:*:*:*:*:*:*:*+ 31 more
    • cpe:2.3:a:typo3:typo3:6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.0:alpha1:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.0:alpha2:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.0:alpha3:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.0:beta5:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.0:beta6:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.0:beta7:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.10:*:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.10:rc1:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.11:*:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.12:*:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.13:*:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.14:*:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.15:*:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.16:*:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.17:*:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.18:*:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.8:*:*:*:*:*:*:*
    • cpe:2.3:a:typo3:typo3:6.2.9:*:*:*:*:*:*:*
  • ghsa-coords
    Range: >= 6.2.0, < 6.2.19

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.