Cross-site Scripting in TYPO3 extension · CVE-2021-36785 · GitHub Advisory Database · GitHub

Cross-site Scripting in TYPO3 extension

Moderate severity GitHub Reviewed Published Aug 30, 2021 to the GitHub Advisory Database • Updated Feb 1, 2023

Package

miniorange/miniorange-saml (Composer)

Affected versions

< 1.4.3

Patched versions

1.4.3

Description

The miniorange_saml (aka Miniorange Saml) extension before 1.4.3 for TYPO3 allows XSS.

References

Published by the National Vulnerability Database

Aug 13, 2021

Reviewed Aug 30, 2021

Published to the GitHub Advisory Database Aug 30, 2021

Last updated Feb 1, 2023