Vulnerability Description
The gridelements (aka Grid Elements) extension through 7.6.1, 8.x through 8.7.0, 9.x through 9.7.0, and 10.x through 10.2.0 extension for TYPO3 allows XSS.
CVSS Score
5.4
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Grid Elements Project | Grid Elements | < 7.7.0 |
Related Weaknesses (CWE)
References
- https://typo3.org/help/security-advisoriesThird Party Advisory
- https://typo3.org/security/advisory/typo3-ext-sa-2022-009PatchThird Party Advisory
- https://typo3.org/help/security-advisoriesThird Party Advisory
- https://typo3.org/security/advisory/typo3-ext-sa-2022-009PatchThird Party Advisory
FAQ
What is CVE-2022-29602?
CVE-2022-29602 is a vulnerability with a CVSS score of 5.4 (MEDIUM). The gridelements (aka Grid Elements) extension through 7.6.1, 8.x through 8.7.0, 9.x through 9.7.0, and 10.x through 10.2.0 extension for TYPO3 allows XSS.
How severe is CVE-2022-29602?
CVE-2022-29602 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-29602?
Check the references section above for vendor advisories and patch information. Affected products include: Grid Elements Project Grid Elements.