chc_forum

Mon. 7th November, 2005

A bug has been discovered in the "CHC Forum" (chc_forum) extension where some Javascript expressions are not properly caught when entered in forms. Thus, specially crafted entries may be used to inject malicious code.


This is a companion discussion topic for the original entry at https://typo3.org/article/typo3-20051107-1