Vulnerabilities > Typo3 > Typo3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-25 | CVE-2023-30451 | Path Traversal vulnerability in Typo3 11.5.24 In TYPO3 11.5.24, the filelist component allows attackers (who have access to the administrator panel) to read arbitrary files via directory traversal in the baseuri field, as demonstrated by POST /typo3/record/edit with ../../../ in data[sys_file_storage]*[data][sDEF][lDEF][basePath][vDEF]. | 4.9 |
2023-11-14 | CVE-2023-47125 | Cross-site Scripting vulnerability in Typo3 Html Sanitizer and Typo3 TYPO3 is an open source PHP based web content management system released under the GNU GPL. | 6.1 |
2023-11-14 | CVE-2023-47126 | Unspecified vulnerability in Typo3 TYPO3 is an open source PHP based web content management system released under the GNU GPL. | 5.3 |
2023-11-14 | CVE-2023-47127 | Improper Authentication vulnerability in Typo3 TYPO3 is an open source PHP based web content management system released under the GNU GPL. | 5.4 |
2023-07-25 | CVE-2023-38499 | Unspecified vulnerability in Typo3 TYPO3 is an open source PHP based web content management system. | 5.3 |
2023-02-07 | CVE-2023-24814 | Cross-site Scripting vulnerability in Typo3 TYPO3 is a free and open source Content Management Framework released under the GNU General Public License. | 6.1 |
2022-12-14 | CVE-2022-23501 | Improper Authentication vulnerability in Typo3 TYPO3 is an open source PHP based web content management system. | 6.5 |
2022-06-14 | CVE-2022-31046 | Cleartext Transmission of Sensitive Information vulnerability in Typo3 TYPO3 is an open source web content management system. | 4.0 |
2022-06-14 | CVE-2022-31047 | Information Exposure Through an Error Message vulnerability in Typo3 TYPO3 is an open source web content management system. | 6.5 |
2022-06-14 | CVE-2022-31048 | Cross-site Scripting vulnerability in Typo3 TYPO3 is an open source web content management system. | 3.5 |