From 0cee4bc7e97910a19ff7439af2d20d4bd8e609d7 Mon Sep 17 00:00:00 2001
From: Noam Rathaus <noamr@beyondsecurity.com>
Date: Thu, 18 Mar 2021 15:32:30 +0200
Subject: [PATCH] References

---
 cves/2020/CVE-2020-8091.yaml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/cves/2020/CVE-2020-8091.yaml b/cves/2020/CVE-2020-8091.yaml
index caf5669298..0e62f1aae1 100644
--- a/cves/2020/CVE-2020-8091.yaml
+++ b/cves/2020/CVE-2020-8091.yaml
@@ -6,6 +6,9 @@ info:
   severity: medium
   description: svg.swf in TYPO3 6.2.0 to 6.2.38 ELTS and 7.0.0 to 7.1.0 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system. This may be at a contrib/websvg/svg.swf pathname.
   tags: cve,cve2020,xss
+  reference:
+    - https://typo3.org/security/advisory/typo3-psa-2019-003/
+    - https://www.purplemet.com/blog/typo3-xss-vulnerability
 
 requests:
   - method: GET