Headline
GHSA-f4m6-x2xj-jc7w: ke_search (aka Faceted Search) vulnerable to Cross-Site Scripting
The ke_search (aka Faceted Search) extension before 4.0.3, 4.1.x through 4.6.x before 4.6.6, and 5.x before 5.0.2 for TYPO3 allows XSS via indexed data.
ke_search (aka Faceted Search) vulnerable to Cross-Site Scripting
Moderate severity GitHub Reviewed Published Jun 16, 2023 to the GitHub Advisory Database • Updated Jun 16, 2023
Related news
CVE-2023-35783: Cross-Site Scripting in extension "Faceted Search" (ke_search)
The ke_search (aka Faceted Search) extension before 4.0.3, 4.1.x through 4.6.x before 4.6.6, and 5.x before 5.0.2 for TYPO3 allows XSS via indexed data.