PatchSiren

Netresearch CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM Netresearch CVE published 2017-02-12

CVE-2017-5962

CVE-2017-5962 is a cross-site scripting issue in contexts_wurfl for TYPO3. User-supplied data in the force_ua HTTP GET parameter on the /contexts_wurfl/Library/wurfl-dbapi-1.4.4.0/check_wurfl.php endpoint was not filtered sufficiently, allowing HTML and script execution in the browser context of the vulnerable site.