Moderate severityNVD Advisory· Published Apr 28, 2021· Updated Aug 3, 2024
CVE-2021-31778
CVE-2021-31778
Description
The media2click (aka 2 Clicks for External Media) extension 1.x before 1.3.3 for TYPO3 allows XSS by a backend user account.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
amazing/media2clickPackagist | >= 1.0.0, < 1.3.3 | 1.3.3 |
Affected products
1Patches
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
5- github.com/advisories/GHSA-xpxm-pf7g-2534ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-31778ghsaADVISORY
- github.com/ghermens/media2click/commit/3c4e413fbc7d35c47212e754c24d5070637a11a3ghsaWEB
- packagist.org/packages/amazing/media2clickghsaWEB
- typo3.org/security/advisory/typo3-ext-sa-2021-004ghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.