Search for vulnerabilities
| Vulnerability ID | VCID-na5r-a8r1-kfa7 |
| Aliases |
CVE-2012-3531
GHSA-p9wg-jvj4-cx26 |
| Summary | Typo3 Install Tool XSS Vulnerability Cross-site scripting (XSS) vulnerability in the Install Tool in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| Status | Published |
| Exploitability | 0.5 |
| Weighted Severity | 6.2 |
| Risk | 3.1 |
| Affected and Fixed Packages | Package Details |
| System | Score | Found at |
|---|---|---|
| epss | 0.00248 | https://api.first.org/data/v1/epss?cve=CVE-2012-3531 |
| epss | 0.00248 | https://api.first.org/data/v1/epss?cve=CVE-2012-3531 |
| generic_textual | MODERATE | https://exchange.xforce.ibmcloud.com/vulnerabilities/78888 |
| generic_textual | MODERATE | https://nvd.nist.gov/vuln/detail/CVE-2012-3531 |
| generic_textual | MODERATE | http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004 |
| generic_textual | MODERATE | http://www.debian.org/security/2012/dsa-2537 |
| generic_textual | MODERATE | http://www.openwall.com/lists/oss-security/2012/08/22/8 |
| Percentile | 0.47988 |
| EPSS Score | 0.00248 |
| Published At | June 30, 2025, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2025-07-01T12:30:40.236904+00:00 | GithubOSV Importer | Import | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-p9wg-jvj4-cx26/GHSA-p9wg-jvj4-cx26.json | 36.1.3 |