Vulnerabilities > Typo3 > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-13 | CVE-2024-25118 | Unspecified vulnerability in Typo3. TYPO3 is an open source PHP based web content management system released under the GNU GPL. | 6.5 |
2024-02-13 | CVE-2024-25119 | Unspecified vulnerability in Typo3. TYPO3 is an open source PHP based web content management system released under the GNU GPL. | 4.9 |
2024-02-13 | CVE-2024-25120 | Unspecified vulnerability in Typo3. TYPO3 is an open source PHP based web content management system released under the GNU GPL. | 4.3 |
2023-12-25 | CVE-2023-30451 | Path Traversal vulnerability in Typo3 11.5.24. In TYPO3 11.5.24, the filelist component allows attackers (who have access to the administrator panel) to read arbitrary files via directory traversal in the baseuri field, as demonstrated by POST /typo3/record/edit with ../../../ in data[sys_file_storage]*[data][sDEF][lDEF][basePath][vDEF]. | 4.9 |
2023-11-14 | CVE-2023-47125 | Cross-site Scripting vulnerability in Typo3 Html Sanitizer and Typo3. TYPO3 is an open source PHP based web content management system released under the GNU GPL. | 6.1 |
2023-11-14 | CVE-2023-47126 | Unspecified vulnerability in Typo3. TYPO3 is an open source PHP based web content management system released under the GNU GPL. | 5.3 |
2023-11-14 | CVE-2023-47127 | Improper Authentication vulnerability in Typo3. TYPO3 is an open source PHP based web content management system released under the GNU GPL. | 5.4 |
2023-07-25 | CVE-2023-38499 | Unspecified vulnerability in Typo3. TYPO3 is an open source PHP based web content management system. | 5.3 |
2023-07-25 | CVE-2023-38500 | Cross-site Scripting vulnerability in Typo3 Html Sanitizer. TYPO3 HTML Sanitizer is an HTML sanitizer, written in PHP, aiming to provide cross-site-scripting-safe markup based on explicitly allowed tags, attributes and values. | 6.1 |
2023-02-07 | CVE-2023-24814 | Cross-site Scripting vulnerability in Typo3. TYPO3 is a free and open source Content Management Framework released under the GNU General Public License. | 6.1 |