Vulnerabilities > Dated News Project

DATE CVE VULNERABILITY TITLE RISK
2021-08-13 CVE-2021-36789 SQL Injection vulnerability in Dated News Project Dated News
The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows SQL Injection.
network
low complexity
dated-news-project CWE-89
critical
9.8
2021-08-13 CVE-2021-36790 Cross-site Scripting vulnerability in Dated News Project Dated News
The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows XSS.
network
low complexity
dated-news-project CWE-79
6.1
2021-08-13 CVE-2021-36791 Unspecified vulnerability in Dated News Project Dated News
The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows Information Disclosure of application registration data.
network
low complexity
dated-news-project
5.3
2021-08-13 CVE-2021-36792 Unspecified vulnerability in Dated News Project Dated News
The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 has incorrect Access Control for confirming various applications.
network
low complexity
dated-news-project
7.2