typo3
361 tracked vulnerabilities.
CVE-2022-31049
MEDIUM
TYPO3 <9.5.34 ELTS, <10.4.29, <11.5.11 - Info Disclosure
Jun 14, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-31048
MEDIUM
TYPO3 <8.7.47 ELTS, <9.5.34 ELTS, <10.4.29, <11.5.11 - XSS
Jun 14, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-31047
MEDIUM
TYPO3 <7.6.57 ELTS, <8.7.47 ELTS, <9.5.34 ELTS, <10.4.29, <11.5.11 ...
Jun 14, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-31046
MEDIUM
TYPO3 <7.6.57 ELTS, <8.7.47 ELTS, <9.5.34 ELTS, <10.4.29, <11.5.11 ...
Jun 14, 2022
CVSS 4.3
EPSS 0.01
CVE-2021-41114
MEDIUM
TYPO3 11.0.0-11.5.0 - Host Header Spoofing via trustedHostsPattern Regression
Oct 05, 2021
CVSS 4.8
EPSS 0.01
CVE-2021-41113
HIGH
TYPO3 11.2.0-11.4.99 - Cross-Site Request Forgery via Deep Link Sharing
Oct 05, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-32768
MEDIUM
TYPO3 7.0.0-7.6.52, 9.0.0-9.5.28, 10.0.0-10.4.19 - Cross-Site Scripting via Rich-Text Content Rendering
Aug 10, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-32767
MEDIUM
TYPO3 <9.5.27, <10.4.17, <11.3.0 - Info Disclosure
Jul 20, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-32669
MEDIUM
TYPO3 9.0.0-9.5.28 10.0.0-10.4.17 11.0.0-11.3.0 - Authenticated Stored Cross-Site Scripting in Backend Layout Grid View
Jul 20, 2021
CVSS 6.4
EPSS 0.01
CVE-2021-32668
MEDIUM
TYPO3 9.0.0-9.5.28, 10.0.0-10.4.17, 11.0.0-11.3.0 - Authenticated XSS in QueryGenerator and QueryView
Jul 20, 2021
CVSS 6.4
EPSS 0.01
CVE-2021-32667
MEDIUM
TYPO3 9.0.0-9.5.28, 10.0.0-10.4.17, 11.0.0-11.3.0 - Authenticated Stored Cross-Site Scripting in Page TSconfig
Jul 20, 2021
CVSS 6.4
EPSS 0.01
CVE-2021-21365
MEDIUM
Typo3 < 7.1.2 - XSS
Apr 27, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-21370
MEDIUM
TYPO3 < 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 - Authenticated Cross-Site Scripting in Menu Content Element Preview
Mar 23, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-21359
MEDIUM
TYPO3 <9.5.25, 10.4.14, 11.1.1 - DoS
Mar 23, 2021
CVSS 5.9
EPSS 0.02
CVE-2021-21358
MEDIUM
TYPO3 < 10.4.14 - Authenticated Stored Cross-Site Scripting in Form Designer Module
Mar 23, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-21357
HIGH
TYPO3 < 8.7.40, 9.5.25, 10.4.14, 11.1.1 - Authenticated Path Traversal and Arbitrary File Write via Form Designer Module
Mar 23, 2021
CVSS 8.3
EPSS 0.02
CVE-2021-21355
HIGH
TYPO3 <8.7.40, 9.5.25, 10.4.14, 11.1.1 - Info Disclosure
Mar 23, 2021
CVSS 8.6
EPSS 0.02
CVE-2021-21340
MEDIUM
TYPO3 10.0.0-10.4.13 - Authenticated Stored Cross-Site Scripting in Description Column Preview
Mar 23, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-21339
MEDIUM
TYPO3 < 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 - Cleartext Session Identifiers
Mar 23, 2021
CVSS 5.9
EPSS 0.01
CVE-2021-21338
MEDIUM
TYPO3 < 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 - Unauthenticated Open Redirect via Login Handling
Mar 23, 2021
CVSS 4.7
EPSS 0.01
CVE-2020-26229
LOW
TYPO3 10.4.0-10.4.9 - Authenticated XML External Entity Injection in RSS Widgets
Nov 23, 2020
CVSS 3.7
EPSS 0.01
CVE-2020-26228
HIGH
TYPO3 9.0.0-9.5.22 and 10.0.0-10.4.9 - Cleartext Storage of Sensitive Information
Nov 23, 2020
CVSS 8.1
EPSS 0.01
CVE-2020-26227
MEDIUM
TYPO3 6.2.0-6.2.53, 9.0.0-9.5.22, 10.0.0-10.4.9 - Cross-Site Scripting via Fluid View Helper Argument
Nov 23, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-26216
HIGH
TYPO3 Fluid < 2.0.8, 2.1.7, 2.2.4, 2.3.7, 2.4.4, 2.5.11, 2.6.10 - Cross-Site Scripting
Nov 17, 2020
CVSS 8.0
EPSS 0.01
CVE-2020-15241
MEDIUM
TYPO3 Fluid Engine <2.0.5-2.6.1 - XSS
Oct 08, 2020
CVSS 4.7
EPSS 0.01
Products
typo3 218
cms 116
cms-core 98
cms-backend 24
TYPO3 CMS 14
cms-form 7
cms-install 6
html-sanitizer 6
cms-frontend 4
dam_frontend_extension 4
html_sanitizer 4
wec_discussion_forum 4
Extension "Faceted Search" 3
cms-recycler 3
pdf_generator_2_extension 3
Extension "Mailqueue" 2
HTML Sanitizer 2
address_directory 2
air_filemanager 2
beuserswitch 2
cms-beuser 2
cms-dashboard 2
cms-indexed-search 2
cms-workspaces 2
commerce_extension 2
eluna_page_comments_extension 2
ns backup extension 2
phar-stream-wrapper 2
pharstreamwrapper 2
sql_frontend_extension 2
Quick Filters