CVE-2020-15241
- Source
- https://cve.org/CVERecord?id=CVE-2020-15241
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-15241.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2020-15241
- Aliases
- Published
- 2020-10-08T21:15:10.167Z
- Modified
- 2026-05-28T04:05:41.824241778Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
TYPO3 Fluid Engine (package
typo3fluid/fluid) before versions 2.0.5, 2.1.4, 2.2.1, 2.3.5, 2.4.1, 2.5.5 or 2.6.1 is vulnerable to cross-site scripting when making use of the ternary conditional operator in templates like{showFullName ? fullName : defaultValue}. Updated versions of this package are bundled in following TYPO3 (typo3/cms-core) versions as well: TYPO3 v8.7.25 (usingtypo3fluid/fluidv2.5.4) and TYPO3 v9.5.6 (usingtypo3fluid/fluidv2.6.1). - Database specific
{ "unresolved_ranges": [ { "extracted_events": [ { "last_affected": "8.7.25" }, { "last_affected": "8.7.25" } ], "source": "CPE_STRING", "cpes": [ "cpe:2.3:a:typo3:typo3:8.7.25:*:*:*:*:*:*:*" ], "vendor_product": "typo3:typo3" } ] }- References
Affected packages
Git / github.com/typo3/fluid
Affected ranges
- Type
- GIT
- Repo
- https://github.com/typo3/fluid
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedIntroducedFixedIntroducedFixedIntroducedFixedIntroducedFixedIntroducedFixedIntroducedFixed
- Database specific
{ "cpe": "cpe:2.3:a:typo3:fluid_engine:*:*:*:*:*:*:*:*", "extracted_events": [ { "introduced": "0" }, { "fixed": "2.0.5" }, { "introduced": "2.1.0" }, { "fixed": "2.1.4" }, { "introduced": "2.2.0" }, { "fixed": "2.2.1" }, { "introduced": "2.3.0" }, { "fixed": "2.3.5" }, { "introduced": "2.4.0" }, { "fixed": "2.4.1" }, { "introduced": "2.5.0" }, { "fixed": "2.5.5" }, { "introduced": "2.6.0" }, { "fixed": "2.6.1" } ], "source": [ "CPE_RANGE", "REFERENCES" ] }
Git / github.com/typo3/typo3
Affected ranges
- Type
- GIT
- Repo
- https://github.com/typo3/typo3
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affected
- Database specific
{ "cpe": [ "cpe:2.3:a:typo3:typo3:8.7.25:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:9.5.6:*:*:*:*:*:*:*" ], "source": "CPE_STRING", "extracted_events": [ { "introduced": "0" }, { "last_affected": "8.7.25" }, { "last_affected": "9.5.6" } ] }
Affected versions
6.*
6.2.0
6.2.1
6.2.2
6.2.3
7.*
7.0.0
7.1.0
7.2.0
7.3.0
7.4.0
7.5.0
7.6.0
7.6.1
7.6.2
8.*
8.0.0
8.1.0
8.2.0
8.3.0
8.4.0
8.5.0
8.6.0
8.7.0
8.7.1
8.7.10
8.7.11
8.7.12
8.7.13
8.7.14
8.7.15
8.7.16
8.7.17
8.7.18
8.7.19
8.7.2
8.7.20
8.7.21
8.7.22
8.7.23
8.7.24
8.7.25
8.7.4
8.7.5
8.7.6
8.7.7
8.7.8
8.7.9
Other
TYPO3_6-1-0rc1
TYPO3_6-2-0
TYPO3_6-2-0alpha1
TYPO3_6-2-0alpha2
TYPO3_6-2-0alpha3
TYPO3_6-2-0beta1
TYPO3_6-2-0beta2
TYPO3_6-2-0beta3
TYPO3_6-2-0beta4
TYPO3_6-2-0beta5
TYPO3_6-2-0beta6
TYPO3_6-2-0beta7
TYPO3_6-2-0rc1
TYPO3_6-2-0rc2
TYPO3_6-2-1
TYPO3_6-2-2
TYPO3_6-2-3
TYPO3_7-0-0
TYPO3_7-1-0
TYPO3_7-2-0
TYPO3_7-3-0
TYPO3_7-4-0
TYPO3_7-5-0
TYPO3_7-6-0
TYPO3_7-6-1
TYPO3_7-6-2
TYPO3_8-0-0
TYPO3_8-1-0
TYPO3_8-2-0
TYPO3_8-3-0
TYPO3_8-4-0
TYPO3_8-5-0
TYPO3_8-6-0
TYPO3_8-7-0
TYPO3_8-7-1
TYPO3_8-7-10
TYPO3_8-7-11
TYPO3_8-7-12
TYPO3_8-7-13
TYPO3_8-7-14
TYPO3_8-7-15
TYPO3_8-7-16
TYPO3_8-7-17
TYPO3_8-7-18
TYPO3_8-7-19
TYPO3_8-7-2
TYPO3_8-7-20
TYPO3_8-7-21
TYPO3_8-7-22
TYPO3_8-7-23
TYPO3_8-7-24
TYPO3_8-7-25
TYPO3_8-7-4
TYPO3_8-7-5
TYPO3_8-7-6
TYPO3_8-7-7
TYPO3_8-7-8
TYPO3_8-7-9
v8.*
v8.7.10
v8.7.11
v8.7.12
v8.7.13
v8.7.14
v8.7.15
v8.7.16
v8.7.17
v8.7.18
v8.7.19
v8.7.20
v8.7.21
v8.7.22
v8.7.23
v8.7.24
v8.7.25
v8.7.4
v8.7.5
v8.7.6
v8.7.7
v8.7.8
v8.7.9
v9.*
v9.0.0
v9.1.0
v9.2.0
v9.3.0
v9.4.0
v9.5.0
v9.5.1
v9.5.2
v9.5.3
v9.5.4
v9.5.5
v9.5.6