{ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-7077", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in the Backend User Administration Module in TYPO3 6.0.x before 6.0.12 and 6.1.x before 6.1.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "[oss-security] 20131212 Re: CVE request: TYPO3-CORE-SA-2013-004 and TYPO3-FLOW-SA-2013-001", "refsource": "MLIST", "url": "http://seclists.org/oss-sec/2013/q4/487" }, { "name": "backenduseradministration-URL-xss(89626)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89626" }, { "name": "[oss-security] 20131211 CVE request: TYPO3-CORE-SA-2013-004 and TYPO3-FLOW-SA-2013-001", "refsource": "MLIST", "url": "http://seclists.org/oss-sec/2013/q4/473" }, { "name": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004", "refsource": "CONFIRM", "url": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004" }, { "name": "100884", "refsource": "OSVDB", "url": "http://osvdb.org/100884" } ] } }