{"id":"CVE-2022-33154","details":"The schema (aka Embedding schema.org vocabulary) extension before 1.13.1 and 2.x before 2.5.1 for TYPO3 allows XSS.","aliases":["GHSA-374w-gwqr-fmxg"],"modified":"2026-04-12T03:45:02.393532Z","published":"2022-07-12T22:15:08.237Z","references":[{"type":"FIX","url":"https://typo3.org/security/advisory/typo3-ext-sa-2022-012"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/brotkrueml/schema","events":[{"introduced":"0"},{"fixed":"993fd53c192bb9ebbfc5bd859463c54de4dc4088"},{"introduced":"912656b1317990d3f082984e7072c51cde642713"},{"fixed":"1e4e8c7f26989b2ca6168849c56197c2de411a1b"}],"database_specific":{"cpe":"cpe:2.3:a:schema_project:schema:*:*:*:*:*:typo3:*:*","source":"CPE_FIELD","extracted_events":[{"introduced":"0"},{"fixed":"1.13.1"},{"introduced":"2.0.0"},{"fixed":"2.5.1"}]}}],"versions":["v0.1.0","v0.2.0","v0.3.0","v0.4.0","v0.5.0","v0.6.0","v0.7.0","v0.8.0","v0.8.1","v0.9.0","v1.0.0","v1.1.0","v1.10.0","v1.11.0","v1.11.1","v1.12.0","v1.12.1","v1.13.0","v1.2.0","v1.3.0","v1.3.1","v1.4.0","v1.4.1","v1.4.2","v1.5.0","v1.5.1","v1.5.2","v1.6.0","v1.7.0","v1.8.0","v1.9.0","v2.0.0","v2.0.1","v2.0.2","v2.1.0","v2.2.0","v2.2.1","v2.2.2","v2.3.0","v2.4.0","v2.5.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-33154.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}]}