Vulnerabilities > Typo3 > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-12-14 CVE-2022-23501 Improper Authentication vulnerability in Typo3
TYPO3 is an open source PHP based web content management system.
network
low complexity
typo3 CWE-287
6.5
2022-12-14 CVE-2022-23502 Insufficient Session Expiration vulnerability in Typo3
TYPO3 is an open source PHP based web content management system.
network
low complexity
typo3 CWE-613
5.4
2022-12-14 CVE-2022-23504 Expression Language Injection vulnerability in Typo3
TYPO3 is an open source PHP based web content management system.
network
low complexity
typo3 CWE-917
4.9
2022-12-13 CVE-2022-23499 Cross-site Scripting vulnerability in Typo3 Html Sanitizer
HTML sanitizer is written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values.
network
low complexity
typo3 CWE-79
6.1
2022-09-13 CVE-2022-36105 Information Exposure Through Discrepancy vulnerability in Typo3
TYPO3 is an open source PHP based web content management system released under the GNU GPL.
network
low complexity
typo3 CWE-203
5.3
2022-09-13 CVE-2022-36106 Improper Authentication vulnerability in Typo3
TYPO3 is an open source PHP based web content management system released under the GNU GPL.
network
low complexity
typo3 CWE-287
5.4
2022-09-13 CVE-2022-36107 Cross-site Scripting vulnerability in Typo3
TYPO3 is an open source PHP based web content management system released under the GNU GPL.
network
low complexity
typo3 CWE-79
5.4
2022-09-13 CVE-2022-36108 Cross-site Scripting vulnerability in Typo3
TYPO3 is an open source PHP based web content management system released under the GNU GPL.
network
low complexity
typo3 CWE-79
6.1
2022-09-13 CVE-2022-36020 Cross-site Scripting vulnerability in Typo3 Html Sanitizer
The typo3/html-sanitizer package is an HTML sanitizer, written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values.
network
low complexity
typo3 CWE-79
6.1
2022-06-14 CVE-2022-31046 Cleartext Transmission of Sensitive Information vulnerability in Typo3
TYPO3 is an open source web content management system.
network
low complexity
typo3 CWE-319
4.3