Vulnerabilities > Typo3 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-14 | CVE-2022-23501 | Improper Authentication vulnerability in Typo3 TYPO3 is an open source PHP based web content management system. | 6.5 |
| 2022-12-14 | CVE-2022-23502 | Insufficient Session Expiration vulnerability in Typo3 TYPO3 is an open source PHP based web content management system. | 5.4 |
| 2022-12-14 | CVE-2022-23504 | Expression Language Injection vulnerability in Typo3 TYPO3 is an open source PHP based web content management system. | 4.9 |
| 2022-12-13 | CVE-2022-23499 | Cross-site Scripting vulnerability in Typo3 Html Sanitizer HTML sanitizer is written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values. | 6.1 |
| 2022-09-13 | CVE-2022-36105 | Information Exposure Through Discrepancy vulnerability in Typo3 TYPO3 is an open source PHP based web content management system released under the GNU GPL. | 5.3 |
| 2022-09-13 | CVE-2022-36106 | Improper Authentication vulnerability in Typo3 TYPO3 is an open source PHP based web content management system released under the GNU GPL. | 5.4 |
| 2022-09-13 | CVE-2022-36107 | Cross-site Scripting vulnerability in Typo3 TYPO3 is an open source PHP based web content management system released under the GNU GPL. | 5.4 |
| 2022-09-13 | CVE-2022-36108 | Cross-site Scripting vulnerability in Typo3 TYPO3 is an open source PHP based web content management system released under the GNU GPL. | 6.1 |
| 2022-09-13 | CVE-2022-36020 | Cross-site Scripting vulnerability in Typo3 Html Sanitizer The typo3/html-sanitizer package is an HTML sanitizer, written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values. | 6.1 |
| 2022-06-14 | CVE-2022-31046 | Cleartext Transmission of Sensitive Information vulnerability in Typo3 TYPO3 is an open source web content management system. | 4.3 |