vulnerability note 12149
Dotclear, TYPO3, SPIP: Cross Site Scripting in the embedded application swfupload.swf
Synthesis of the vulnerability
Dotclear, SPIP, TYPO3 Extensions.
Description of the vulnerability
The blog manager Dotclear and several applications that runs over TYPO3 or SPIP include the Flash application swfupload.swf, to upload files to the server.
Share this bulletin
Computer vulnerabilities tracking service
Vigil@nce provides networks vulnerabilities analysis
. Each administrator can customize the list of products for which he wants to receive vulnerability alerts. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.