VYPR
Medium severity6.1NVD Advisory· Published Feb 12, 2017· Updated Jun 17, 2026

CVE-2017-5963

CVE-2017-5963

Description

An issue was discovered in caddy (for TYPO3) before 7.2.10. The vulnerability exists due to insufficient filtration of user-supplied data in the "paymillToken" HTTP POST parameter passed to the "caddy/Resources/Public/JavaScript/e-payment/paymill/api/php/payment.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

23
  • Caddy Project/Caddy22 versions
    cpe:2.3:a:caddy_project:caddy:2.1.4:alpha:*:*:*:typo3:*:*+ 21 more
    • cpe:2.3:a:caddy_project:caddy:2.1.4:alpha:*:*:*:typo3:*:*
    • cpe:2.3:a:caddy_project:caddy:2.1.5:alpha:*:*:*:typo3:*:*
    • cpe:2.3:a:caddy_project:caddy:2.1.6:alpha:*:*:*:typo3:*:*
    • cpe:2.3:a:caddy_project:caddy:3.0.0:alpha:*:*:*:typo3:*:*
    • cpe:2.3:a:caddy_project:caddy:4.0.0:alpha:*:*:*:typo3:*:*
    • cpe:2.3:a:caddy_project:caddy:4.0.12:alpha:*:*:*:typo3:*:*
    • cpe:2.3:a:caddy_project:caddy:4.0.1:alpha:*:*:*:typo3:*:*
    • cpe:2.3:a:caddy_project:caddy:4.0.2:alpha:*:*:*:typo3:*:*
    • cpe:2.3:a:caddy_project:caddy:4.0.3:alpha:*:*:*:typo3:*:*
    • cpe:2.3:a:caddy_project:caddy:6.0.12:beta:*:*:*:typo3:*:*
    • cpe:2.3:a:caddy_project:caddy:6.0.14:beta:*:*:*:typo3:*:*
    • cpe:2.3:a:caddy_project:caddy:6.0.1:alpha:*:*:*:typo3:*:*
    • cpe:2.3:a:caddy_project:caddy:6.0.2:alpha:*:*:*:typo3:*:*
    • cpe:2.3:a:caddy_project:caddy:6.0.9:alpha:*:*:*:typo3:*:*
    • cpe:2.3:a:caddy_project:caddy:6.1.0:beta:*:*:*:typo3:*:*
    • cpe:2.3:a:caddy_project:caddy:6.2.1:beta:*:*:*:typo3:*:*
    • cpe:2.3:a:caddy_project:caddy:6.3.0:beta:*:*:*:typo3:*:*
    • cpe:2.3:a:caddy_project:caddy:6.3.1:beta:*:*:*:typo3:*:*
    • cpe:2.3:a:caddy_project:caddy:6.3.3:beta:*:*:*:typo3:*:*
    • cpe:2.3:a:caddy_project:caddy:7.0.0:beta:*:*:*:typo3:*:*
    • cpe:2.3:a:caddy_project:caddy:7.1.0:beta:*:*:*:typo3:*:*
    • cpe:2.3:a:caddy_project:caddy:7.2.7:beta:*:*:*:typo3:*:*
  • TYPO3/caddyllm-create
    Range: <7.2.10

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.