CVE-2015-5956

low

Published 2015-09-16 · Modified 2024-12-07

CVSS v3

—

CVSS v2

3.5

VIR risk

3.5

Description

TYPO3 cross-site scripting (XSS)

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009/

Ecosystem	Package	Vulnerable	Fixed
Packagist	typo3/cms	`>=6.0,<6.2.15`	`6.2.15`
Packagist	typo3/cms	`>=7.0,<7.4.0`	`7.4.0`
Packagist	typo3/cms	`>=4.0,<=4.5.40`

Vendor	Product	Versions
typo3	typo3	`{"endIncluding":"4.5.40"}`
typo3	typo3	`6.0`
typo3	typo3	`6.0.1`
typo3	typo3	`6.0.2`
typo3	typo3	`6.0.3`
typo3	typo3	`6.0.4`
typo3	typo3	`6.0.5`
typo3	typo3	`6.0.6`
typo3	typo3	`6.0.7`
typo3	typo3	`6.0.8`
typo3	typo3	`6.0.9`
typo3	typo3	`6.0.10`
typo3	typo3	`6.0.11`
typo3	typo3	`6.0.12`
typo3	typo3	`6.0.13`
typo3	typo3	`6.0.14`
typo3	typo3	`6.1`
typo3	typo3	`6.1.1`
typo3	typo3	`6.1.2`
typo3	typo3	`6.1.3`
typo3	typo3	`6.1.4`
typo3	typo3	`6.1.5`
typo3	typo3	`6.1.6`
typo3	typo3	`6.1.7`
typo3	typo3	`6.1.8`
typo3	typo3	`6.1.9`
typo3	typo3	`6.2`
typo3	typo3	`6.2.0`
typo3	typo3	`6.2.1`
typo3	typo3	`6.2.2`
typo3	typo3	`6.2.3`
typo3	typo3	`6.2.4`
typo3	typo3	`6.2.5`
typo3	typo3	`6.2.6`
typo3	typo3	`6.2.7`
typo3	typo3	`6.2.8`
typo3	typo3	`6.2.9`
typo3	typo3	`6.2.10`
typo3	typo3	`6.2.11`
typo3	typo3	`6.2.12`
typo3	typo3	`6.2.13`
typo3	typo3	`6.2.14`
typo3	typo3	`7.0.0`
typo3	typo3	`7.1.0`
typo3	typo3	`7.2.0`
typo3	typo3	`7.3.0`

CWE-79

Verify integrity in audit chain (admin only). AS-IS.