{"id":"CVE-2019-12748","details":"TYPO3 8.3.0 through 8.7.26 and 9.0.0 through 9.5.7 allows XSS.","aliases":["GHSA-r6fv-56gp-j3r4"],"modified":"2026-03-14T09:32:40.993868Z","published":"2019-07-09T15:15:10.697Z","references":[{"type":"ADVISORY","url":"https://typo3.org/security/advisory/typo3-core-sa-2019-015/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/typo3/typo3.cms","events":[{"introduced":"ce3a12b18327f3fa232fa00e94f7c6fd57b55743"},{"last_affected":"2c8df8f59068e1861606ff1dc0f35c693ffd5393"},{"introduced":"41235ff8e38c6f3401df03ae8beddd62d662c525"},{"last_affected":"298c3d4c400702c893bbe58503635cd2d905e340"}],"database_specific":{"versions":[{"introduced":"8.3.0"},{"last_affected":"8.7.26"},{"introduced":"9.0.0"},{"last_affected":"9.5.7"}]}}],"versions":["8.3.0","8.4.0","8.5.0","8.6.0","8.7.0","8.7.1","8.7.10","8.7.11","8.7.12","8.7.13","8.7.14","8.7.15","8.7.16","8.7.17","8.7.18","8.7.19","8.7.2","8.7.20","8.7.21","8.7.22","8.7.23","8.7.24","8.7.25","8.7.26","8.7.4","8.7.5","8.7.6","8.7.7","8.7.8","8.7.9","TYPO3_8-3-0","TYPO3_8-4-0","TYPO3_8-5-0","TYPO3_8-6-0","TYPO3_8-7-0","TYPO3_8-7-1","TYPO3_8-7-10","TYPO3_8-7-11","TYPO3_8-7-12","TYPO3_8-7-13","TYPO3_8-7-14","TYPO3_8-7-15","TYPO3_8-7-16","TYPO3_8-7-17","TYPO3_8-7-18","TYPO3_8-7-19","TYPO3_8-7-2","TYPO3_8-7-20","TYPO3_8-7-21","TYPO3_8-7-22","TYPO3_8-7-23","TYPO3_8-7-24","TYPO3_8-7-25","TYPO3_8-7-26","TYPO3_8-7-4","TYPO3_8-7-5","TYPO3_8-7-6","TYPO3_8-7-7","TYPO3_8-7-8","TYPO3_8-7-9","v8.7.10","v8.7.11","v8.7.12","v8.7.13","v8.7.14","v8.7.15","v8.7.16","v8.7.17","v8.7.18","v8.7.19","v8.7.20","v8.7.21","v8.7.22","v8.7.23","v8.7.24","v8.7.25","v8.7.26","v8.7.4","v8.7.5","v8.7.6","v8.7.7","v8.7.8","v8.7.9","v9.0.0","v9.1.0","v9.2.0","v9.3.0","v9.4.0","v9.5.0","v9.5.1","v9.5.2","v9.5.3","v9.5.4","v9.5.5","v9.5.6","v9.5.7"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-12748.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}