Typo3

Typo3

218 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2022-31046

  • EPSS 0.15%
  • Veröffentlicht 14.06.2022 21:15:15
  • Zuletzt bearbeitet 21.11.2024 07:03:46

TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the export functionality fails to limit the result set to allowed columns of a particular database table. This way, ...

6.8

CVE-2021-41113

  • EPSS 0.24%
  • Veröffentlicht 05.10.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 06:25:29

TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that the new TYPO3 v11 feature that allows users to create and share deep links in the backend user interface is vulnerable to cross-si...

5.3

CVE-2021-41114

  • EPSS 0.29%
  • Veröffentlicht 05.10.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 06:25:29

TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that TYPO3 CMS is susceptible to host spoofing due to improper validation of the HTTP Host header. TYPO3 uses the HTTP Host header, for...

6.1

CVE-2021-32768

  • EPSS 0.28%
  • Veröffentlicht 10.08.2021 17:15:10
  • Zuletzt bearbeitet 21.11.2024 06:07:42

TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions failing to properly parse, sanitize and encode malicious rich-text content, the content rendering process in the website frontend is vuln...

5.4

CVE-2021-32669

  • EPSS 0.37%
  • Veröffentlicht 20.07.2021 16:15:07
  • Zuletzt bearbeitet 21.11.2024 06:07:29

TYPO3 is an open source PHP based web content management system. Versions 9.0.0 through 9.5.28, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0 have a cross-site scripting vulnerability. When settings for _backend layouts_ are not properly encoded,...

6.5

CVE-2021-32767

  • EPSS 0.33%
  • Veröffentlicht 20.07.2021 16:15:07
  • Zuletzt bearbeitet 21.11.2024 06:07:42

TYPO3 is an open source PHP based web content management system. In versions 9.0.0 through 9.5.27, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0, user credentials may been logged as plain-text. This occurs when explicitly using log level debug, w...

4.8

CVE-2021-32668

  • EPSS 0.36%
  • Veröffentlicht 20.07.2021 15:15:10
  • Zuletzt bearbeitet 21.11.2024 06:07:29

TYPO3 is an open source PHP based web content management system. Versions 9.0.0 through 9.5.28, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0 have a cross-site scripting vulnerability. When error messages are not properly encoded, the components ...

5.4

CVE-2021-32667

  • EPSS 0.42%
  • Veröffentlicht 20.07.2021 15:15:09
  • Zuletzt bearbeitet 21.11.2024 06:07:29

TYPO3 is an open source PHP based web content management system. Versions 9.0.0 through 9.5.28, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0 have a cross-site scripting vulnerability. When _Page TSconfig_ settings are not properly encoded, corre...

5.4

CVE-2021-21365

Exploit
  • EPSS 0.34%
  • Veröffentlicht 27.04.2021 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:48:12

Bootstrap Package is a theme for TYPO3. It has been discovered that rendering content in the website frontend is vulnerable to cross-site scripting. A valid backend user account is needed to exploit this vulnerability. Users of the extension, who hav...

6.1

CVE-2021-21338

  • EPSS 0.25%
  • Veröffentlicht 23.03.2021 02:15:12
  • Zuletzt bearbeitet 21.11.2024 05:48:03

TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 it has been discovered that Login Handling is susceptible to open redirection which allows attackers redirecting...