Moderate severityNVD Advisory· Published Jul 29, 2020· Updated Aug 4, 2024
CVE-2020-16095
CVE-2020-16095
Description
The dlf (aka Kitodo.Presentation) extension before 3.1.2 for TYPO3 allows XSS.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
kitodo/presentationPackagist | < 3.1.2 | 3.1.2 |
Affected products
2- TYPO3/Kitodo.Presentationdescription
Patches
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
6- github.com/advisories/GHSA-fpqv-x9hm-35j9ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-16095ghsaADVISORY
- github.com/kitodo/kitodo-presentation/commit/6a67256388350cc69efa7f36bbaee50c919ca23cghsaWEB
- github.com/kitodo/kitodo-presentation/security/advisories/GHSA-fpqv-x9hm-35j9ghsaWEB
- typo3.org/help/security-advisoriesghsax_refsource_MISCWEB
- typo3.org/security/advisory/typo3-ext-sa-2020-015ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.