Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

packagist typo3/cms Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS1mM3dmLXE0ZmotM2d4Zs4AA8zb
TYPO3 Denial of Service in Online Media Asset Handling
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS02NDg3LTNxdmctOHB4Oc4AA8za
TYPO3 Information Disclosure in Install Tool
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: about 1 month ago
High
GSA_kwCzR0hTQS1mNzc3LWY3ODQtMzZnbc4AA8zZ
TYPO3 Security Misconfiguration in Install Tool Cookie
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 21.1
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS0ycmN3LTlocm0tOHE3cc4AA8zY
TYPO3 Cross-Site Scripting in Frontend User Login
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS03cTMzLWh4d2otN3A4ds4AA8zX
TYPO3 Cross-Site Scripting in Backend Modal Component
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS04bTZqLXA1anYtdjY5d84AA8zW
TYPO3 Cross-Site Scripting in Online Media Asset Rendering
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: about 1 month ago
High
GSA_kwCzR0hTQS04aDRtLXI0d20teGo3cs4AA8zT
TYPO3 Arbitrary Code Execution via File List Module
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: about 1 month ago
High
GSA_kwCzR0hTQS1nNTg1LWNyamYtdmh3cc4AA8zJ
TYPO3 Denial of Service in Frontend Record Registration
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 19.6
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1mNjI0LThoZnEtNWZoM84AA8zI
TYPO3 Information Disclosure of Installed Extensions
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS12OG00LTN3MzctZ2h4eM4AA8zH
TYPO3 Cross-Site Scripting in Form Framework validation handling
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS00aDVjLTVnMjUtdjdmaM4AA8zG
TYPO3 Cross-Site Scripting in Form Framework
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: about 1 month ago
High
GSA_kwCzR0hTQS1jNW1qLTM5Y2YtM3BwNc4AA8zF
TYPO3 Security Misconfiguration for Backend User Accounts
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 19.1
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS14Z214LWozaHYtamg5eM4AA8zE
TYPO3 Cross-Site Scripting in Link Handling
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS03NzJtLTQzZjMtaG1mOM4AA8zD
TYPO3 Broken Access Control in Localization Handling
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1nN2h3LWpoNHAtNzV3cs4AA8zC
TYPO3 Cross-Site Scripting in Filelist Module
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS04NWNoLTQ0dzctcmYzMs4AA8zB
TYPO3 Cross-Site Scripting in Fluid ViewHelpers
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: about 1 month ago
High
GSA_kwCzR0hTQS1oaDk1LTV4bTUtdjh2N84AA8zA
TYPO3 CMS Possible Insecure Deserialization in Extbase Request Handling
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 21.1
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS0yNTl2LXhtMzQtcDdmcs4AA8ue
Typo3 Cross-Site Scripting in Language Pack Handling
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1mNXJyLTlyODQtd3dxZs4AA8ud
Typo3 Broken Access Control in Import Module
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Low
GSA_kwCzR0hTQS1oOTM0LWY0bTQtd2M4eM4AA8uc
Typo3 Information Disclosure in Page Tree
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1od3c1LTZ4ODUtbWMyNM4AA8ub
Typo3 Arbitrary Code Execution and Cross-Site Scripting in Backend API
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1xcjVmLTZmY3YtdzY5cc4AA8ua
Typo3 Security Misconfiguration in Frontend Session Handling
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1nOXJ2LTZnNTYtNjVoOM4AA8uZ
Typo3 Security Misconfiguration in User Session Handling
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1xOWM0LTl2NW0tNTk3cM4AA8uY
Typo3 Information Disclosure in Backend User Interface
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1tOTZyLTd2cW0tajk1Z84AA8uX
Typo3 Information Disclosure in User Authentication
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS12NHFyLThoMnYtcXBqeM4AA8uW
Cross-Site Scripting in TYPO3 CMS Backend
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS01Z3I2LTk3ZnYtNTJjY84AA8uV
Cross-Site Scripting in TYPO3 CMS
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1jN3JqLTkyeHItd3ByZ84AA8uU
Insecure Unserialize in TYPO3 Backend
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1wdzJxLXF3dmotZ2g0M84AA8uR
Cache Flooding in TYPO3 Frontend
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1taDNyLTZjcDUtaGMyas4AA8uQ
Authentication Bypass in TYPO3 Frontend
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS02ZjltLXY3bXAtN2pqcc4AA8uO
Authentication Bypass in TYPO3 CMS
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1nNDZoLXYyY2MtNmM5NM4AA8uN
Information Disclosure in TYPO3 CMS
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: about 1 month ago
High
GSA_kwCzR0hTQS1wcGdmLTg3NDUtOHBneM4AA8uM
Insecure Deserialization & Arbitrary Code Execution in TYPO3 CMS
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Low
GSA_kwCzR0hTQS1jN3A2LTNjOWMtZjg4cc4AA8uE
Information Disclosure in TYPO3 CMS
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: about 1 month ago
High
GSA_kwCzR0hTQS03cXdnLWZjcHcteGc1Z84AA8uD
Privilege Escalation & SQL Injection in TYPO3 CMS
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: about 1 month ago
High
GSA_kwCzR0hTQS1nNHBmLTNqdnEtMmdjd84AA8uC
TYPO3 Remote Code Execution in third party library swiftmailer
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS02N3dnLTZqN3ItbXFoOM4AA8uB
Arbitrary Code Execution in TYPO3 CMS
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 26.1
Published: about 1 month ago
High
GSA_kwCzR0hTQS04aDI4LWY0NmYtbTg3aM4AA8uA
Insecure Deserialization in TYPO3 CMS
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1wNWM1LWdtajQtZzQ4Zs4AA8t_
Cross-Site Scripting (XSS) vulnerability in typolinks
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1ocTM3LXJmamMtbXI4aM4AA8t-
Cross-Site Scripting (XSS) in TYPO3 Backend
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1xbXdmLWo3ZzctZjVqd84AA8t9
Cross-Site Scripting in third party library mso/idna-convert
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS12cHIzLXJjOTktMndwcs4AA8t8
Information Disclosure in TYPO3 Backend
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1qODZ4LXBqbXItOW02d84AA8t7
SQL Injection in TYPO3 Frontend Login
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS1nd2Z4LXA3bXItZjkyds4AA8t6
Missing Access Check in TYPO3 CMS
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS14dmNwLTMzcmMtajhncc4AA8t5
Insecure Unserialize in TYPO3 Import/Export
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS04NnI4LTRnM3ctN3hqcM4AA8t4
Cross-Site Scripting in TYPO3 Backend
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 12.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS12NWpwLTRoMnAtajJwNM4AA8t3
Privilege Escalation in TYPO3 CMS
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS01d3g2LXh3eGYtcThxas4AA8t2
Cross-Site Scripting in TYPO3 Backend
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 12.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS02eGg4LThwZnYtNTN2eM4AA8t1
Authentication Bypass in TYPO3 CMS
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1wbXhwLTcyMjQtaDc5NM4AA8sA
Denial of Service (DoS) attack possibility in TYPO3 component Indexed Search
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS13cnBmLTJ4OGgtODJncs4AA8r_
Typo3 Arbitrary File Disclosure in Form Component
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS04ajl2LTRoaGgteDQzY84AA8r-
Cross-Site Scripting (XSS) in TYPO3 component CSS styled content
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
High
GSA_kwCzR0hTQS1xZmZjLWd3cHAtbTJ4cs4AA8r9
XML External Entity (XXE) Processing in TYPO3 Core
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS0zanhxLTV4aGgtOWpyM84AA8r8
Cross-Site Scripting (XSS) in TYPO3 component Backend
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS01ajg2LTV4dmctN3E5M84AA8p6
TYPO3 Cross-Site Scripting (XSS) in form component
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS12Z204LXI5Z20tZnc1Oc4AA8p5
TYPO3 Cross-Site Scripting in legacy form component
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1jZzRtLXFqanAtNzQ5N84AA8n8
TYPO3 Cross-Site Scripting in link validator component
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS02ZmM2LWNqMmotaDIyeM4AA8n7
TYPO3 Multiple Cross-Site Scripting vulnerabilities in frontend
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
High
GSA_kwCzR0hTQS05ODk1LTUzZmMtOTh2Ms4AA8n6
TYPO3 SQL Injection in dbal
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS13aDhxLTcyY3AtcDV3Zs4AA8nz
Cross-Site Scripting in TYPO3 component Indexed Search
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1xcnhoLTQ2bXItcHI3cc4AA8ny
TYPO3 is susceptible to Cross-Site Flashing
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS01Y3hmLXh4OWotNTRqY84AA8nx
Multiple Cross-Site Scripting vulnerabilities in TYPO3 backend
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS03NW14LWNoY2YtMnEzMs4AA8kV
TYPO3 Cross-Site Scripting vulnerability in typolinks
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1wcWZ2LTk3aGotZzk3Z84AA8kU
TYPO3 Frontend vulnerable to Unauthenticated Path Disclosure
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1qcXI4LXE0NTUteHg0Nc4AA8kT
TYPO3 Brute Force Protection Bypass in backend login
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1yMjg3LWhjOGotdzU2aM4AA8kS
TYPO3 Information Disclosure Vulnerability Exploitable by Editors
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS13cDhqLWM3MzYtYzVyM84AA8kR
TYPO3 Cross-Site Scripting Vulnerability Exploitable by Editors
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: about 1 month ago
High
GSA_kwCzR0hTQS1yOXZjLWpmbWgtNmo0OM4AA8kQ
TYPO3 frontend login vulnerable to Session Fixation
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 18.5
Published: about 1 month ago
High
GSA_kwCzR0hTQS00cjc2LXhyNjgtdzdtN84AA8kP
TYPO3 may allow editors to change, create, or delete metadata of files not within their file mounts
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: about 1 month ago
High
GSA_kwCzR0hTQS1wODRnLWoyZ2gtODNnM84AA8kN
TYPO3 possible cache poisoning on the homepage when anchors are used
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1teGpmLWhjOXYteGd2Ms4AA8kM
ExtJS JavaScript framework used in TYPO3 vulnerable to Cross-site Scripting
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: about 1 month ago
High
GSA_kwCzR0hTQS00NXhnLTR3NXgtajQyOc4AA8kK
TYPO3 Arbitrary Shell Execution in Swiftmailer library
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 21.1
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1najQ4LXc3NHctOGd2bc4AA5cs
Path Traversal in TYPO3 Core
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
High
GSA_kwCzR0hTQS1yNGY4LWY5M3gtNXFoM84AAxfl
TYPO3 is vulnerable to Cross-Site Scripting via frontend rendering
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS01M21tLWh4MzItNjQ3Nc4AAwWZ
TYPO3 vulnerable to Insufficient Session Expiration
Ecosystems: packagist
Packages: derhansen/fe_change_pwd, typo3/cms
Source: GitHub Advisory Database
Blast Radius: 25.6
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS04dzNwLXFoM3gtNmdqcs4AAwSa
TYPO3 CMS vulnerable to Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 20.4
Published: over 1 year ago
High
GSA_kwCzR0hTQS1jNXd4LTZjMmMtZjdybc4AAwSZ
TYPO3 CMS vulnerable to Arbitrary Code Execution via Form Framework
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 26.9
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1tZ2oyLXE4d3AtMjlycs4AAwSY
TYPO3 CMS vulnerable to Insufficient Session Expiration after Password Reset
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 19.4
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1qZnA3LTc5ZzctODlyZs4AAwSX
TYPO3 CMS vulnerable to Weak Authentication in Frontend Login
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 21.2
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS04YzI4LTVtcDctdjI0aM4AAwSW
TYPO3 CMS vulnerable to Denial of Service in Page Error Handling
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 21.2
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1odnd4LXFoMmgteGNmas4AAwSV
TYPO3 HTML Sanitizer vulnerable to Cross-Site Scripting
Ecosystems: packagist
Packages: typo3/cms, typo3/html-sanitizer
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS00N202LTQ2bWotcDIzNc4AAu1r
TYPO3 HTML Sanitizer Bypasses Cross-Site Scripting Protection
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core, typo3/html-sanitizer
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1mZmZyLTd4NHgtZjk4cc4AAu1V
TYPO3 CMS vulnerable to Denial of Service in Page Error Handling
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 21.2
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1tMzkyLTIzNWotOXI3cs4AAu1U
TYPO3 CMS vulnerable to User Enumeration via Response Timing
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 19.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS01OTU5LTR4NTgtcjhjMs4AAu1T
TYPO3 CMS missing check for expiration time of password reset token for backend users
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 19.4
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS05YzZ3LTU1Y3AtNXcyNc4AAu1S
TYPO3 CMS Stored Cross-Site Scripting via FileDumpController
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 19.4
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1mdjJtLTkyNDktcXg4Nc4AAu1R
TYPO3 CMS vulnerable to Cross-Site Scripting in <f:asset.css> view helper
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 19.4
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS13d2p3LXIzZ2otMzlmcc4AArtR
Insufficient Session Expiration in TYPO3's Admin Tool
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 21.5
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1oNG14LXh2OTYtMmpnbc4AArtQ
Cross-Site Scripting in TYPO3's Frontend Login Mailer
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 19.4
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS0zcjk1LTIzanAtbWh2Z84AArtP
Cross-Site Scripting in TYPO3's Form Framework
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 19.4
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1maDk5LTRwZ3ItOGo5Oc4AArtO
Insertion of Sensitive Information into Log File in typo3/cms-core
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 19.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS04Z212LTlod2ctdzg5Z84AArtN
Information Disclosure via Export Module
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1yNmZ2LTU2Z3AtajNyNM4AAq1k
Typo3 Cross-Site Scripting in Link Handling
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: about 2 years ago
High
GSA_kwCzR0hTQS04NmhwLXhyaGotZmhwcc4AAq1y
Typo3 Vulnerable to Insecure Deserialization
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: about 2 years ago
High
GSA_kwCzR0hTQS0zdzRoLXIyN2gtNHIyd84AAqx4
TYPO3 Image Processing susceptible to Code Execution
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 26.9
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1xdmh2LXB3d3ctNTNqas4AAjbG
Typo3 Cross-Site Scripting in Flash component (ELTS)
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS01OXBqLTdtamgtNDQ2Nc4AAi_a
TYPO3 SQL Injection in low-level Query Generator
Ecosystems: packagist
Packages: typo3/cms-core, typo3/cms
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: about 2 years ago
High
GSA_kwCzR0hTQS1yY2djLTR4ZmMtNTY0ds4AAi_c
TYPO3 Insecure Deserialization in Query Generator & Query View
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS03N3A0LXdmcjgtOTc3d84AAi_T
TYPO3 Directory Traversal on ZIP extraction
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 24.4
Published: about 2 years ago
High
GSA_kwCzR0hTQS13NzM2LXF2ODYtdnE5NM4AAfqw
TYPO3 Remote File Disclosure vulnerability in the jumpUrl mechanism
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Statistics
Advisories: 19,486
Packages: 8,600
Repositories: 13
Ecosystems: 12
Filter by Package
moodle/moodle 342 magento/community-edition 204 typo3/cms 174 pimcore/pimcore 117 dolibarr/dolibarr 111 typo3/cms-core 106 phpmyadmin/phpmyadmin 92 microweber/microweber 91 drupal/core 91 silverstripe/framework 83 drupal/drupal 76 thorsten/phpmyfaq 70 symfony/symfony 64 librenms/librenms 54 concrete5/concrete5 52 shopware/platform 48 baserproject/basercms 43 showdoc/showdoc 40 craftcms/cms 40 intelliants/subrion 39 froxlor/froxlor 37 nilsteampassnet/teampass 37 shopware/core 36 zendframework/zendframework1 34 snipe/snipe-it 33 shopware/shopware 30 mautic/core 30 getgrav/grav 29 centreon/centreon 27 prestashop/prestashop 26 magento/core 24 mediawiki/core 24 remdex/livehelperchat 23 pocketmine/pocketmine-mp 23 zendframework/zendframework 23 grumpydictator/firefly-iii 23 simplesamlphp/simplesamlphp 23 getkirby/cms 22 contao/core-bundle 21 tribalsystems/zenario 20 laravel/framework 19 contao/contao 18 forkcms/forkcms 18 cockpit-hq/cockpit 18 cakephp/cakephp 17 francoisjacquet/rosariosis 17 genix/cms 17 ezsystems/ezpublish-kernel 17 topthink/framework 17 symfony/security 17 opencart/opencart 16 yetiforce/yetiforce-crm 16 ec-cube/ec-cube 15 openmage/magento-lts 15 october/system 15 smarty/smarty 15 phpmailer/phpmailer 14 typo3/cms-backend 14 symfony/security-http 14 silverstripe/cms 14 lavalite/cms 13 bolt/bolt 13 impresscms/impresscms 13 codeigniter4/framework 13 elefant/cms 13 studio-42/elfinder 12 phpmyfaq/phpmyfaq 12 dompdf/dompdf 12 phpbb/phpbb 12 tinymce/tinymce 11 TinyMCE 11 pimcore/admin-ui-classic-bundle 11 sylius/sylius 11 symfony/http-foundation 11 tinymce 11 wwbn/avideo 11 feehi/feehicms 11 ezsystems/ezplatform-kernel 11 feehi/cms 11 wallabag/wallabag 10 ssddanbrown/bookstack 10 nukeviet/nukeviet 10 admidio/admidio 10 pagekit/pagekit 10 yiisoft/yii2 10 ezsystems/ezpublish-legacy 10 kevinpapst/kimai2 9 concrete5/core 9 contao/core 9 october/october 9 alextselegidis/easyappointments 9 funadmin/funadmin 9 statamic/cms 8 october/cms 8 silverstripe/admin 8 croogo/croogo 8 pimcore/customer-management-framework-bundle 8 facturascripts/facturascripts 8 composer/composer 8 sulu/sulu 8 codiad/codiad 8 silverstripe/graphql 8 gilacms/gila 8 pterodactyl/panel 7 mantisbt/mantisbt 7 wpglobus/wpglobus 7 flarum/core 7 ezsystems/ezplatform-admin-ui 7 passbolt/passbolt_api 7 october/backend 7 symfony/http-kernel 7 zoujingli/thinkadmin 6 vrana/adminer 6 yourls/yourls 6 directmailteam/direct-mail 6 nystudio107/craft-seomatic 6 guzzlehttp/guzzle 6 dweeves/magmi 6 phpseclib/phpseclib 6 oro/platform 6 in2code/femanager 6 backdrop/backdrop 6 gleez/cms 6 bagisto/bagisto 6 yiisoft/yii2-dev 6 elgg/elgg 5 neos/flow 5 symfony/security-core 5 woocommerce/woocommerce 5 neos/neos 5 cachethq/cachet 5 illuminate/database 5 typo3/cms-install 5 automad/automad 5 phpxmlrpc/phpxmlrpc 5 simplesamlphp/saml2 5 silverstripe/assets 5 ibexa/core 5 bottelet/flarepoint 5 anchorcms/anchor-cms 5 phpservermon/phpservermon 5 billz/raspap-webgui 5 gugoan/economizzer 5 twig/twig 5 codeigniter/framework 5 typo3/flow 5 thinkcmf/thinkcmf 5 pear/archive_tar 5 sylius/resource-bundle 4 spatie/browsershot 4 typo3/html-sanitizer 4 oro/commerce 4 notrinos/notrinos-erp 4 magento/product-community-edition 4 idno/known 4 wintercms/winter 4 shopxo/shopxo 4 bref/bref 4 kimai/kimai 4 appwrite/server-ce 4 symfony/security-bundle 4 shopware/storefront 4 friendsofsymfony/user-bundle 4 ezsystems/ezplatform 4 pyrocms/pyrocms 4 evolutioncms/evolution 4 codeigniter4/shield 4 zendframework/zendopenid 4 wp-premium/gravityforms 4 modx/revolution 4 bytefury/crater 4 typo3/cms-frontend 4 adodb/adodb-php 4 joomla/framework 3 pixelfed/pixelfed 3 zendframework/zend-diactoros 3 swiftmailer/swiftmailer 3 limesurvey/limesurvey 3 amphp/http-client 3 symfony/form 3 processwire/processwire 3 enhavo/enhavo-app 3 illuminate/auth 3 verot/class.upload.php 3 froala/wysiwyg-editor 3 zendframework/zend-http 3 ckeditor4 3 enshrined/svg-sanitize 3 prestashop/productcomments 3 qcubed/qcubed 3 django-tinymce 3 yiisoft/yii 3 tecnickcom/tcpdf 3 artesaos/seotools 3 privatebin/privatebin 3 quickapps/cms 3 doctrine/orm 3 rudloff/alltube 3 bbpress/bbpress 3 verbb/comments 3