Vulnerabilities > Typo3 > Typo3 > 6.2.12
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-14 | CVE-2022-23501 | Unspecified vulnerability in Typo3 TYPO3 is an open source PHP based web content management system. | 6.5 |
2021-04-27 | CVE-2021-21365 | Unspecified vulnerability in Typo3 Bootstrap Package is a theme for TYPO3. | 5.4 |
2021-03-23 | CVE-2021-21339 | Unspecified vulnerability in Typo3 TYPO3 is an open source PHP based web content management system. | 7.5 |
2021-03-23 | CVE-2021-21338 | Unspecified vulnerability in Typo3 TYPO3 is an open source PHP based web content management system. | 6.1 |
2020-11-23 | CVE-2020-26227 | Unspecified vulnerability in Typo3 TYPO3 is an open source PHP based web content management system. | 6.1 |
2019-12-17 | CVE-2019-19849 | Deserialization of Untrusted Data vulnerability in Typo3 An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. | 8.8 |
2019-12-17 | CVE-2019-19848 | Path Traversal vulnerability in Typo3 An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. | 7.2 |
2018-04-08 | CVE-2018-6905 | Cross-site Scripting vulnerability in Typo3 The page module in TYPO3 before 8.7.11, and 9.1.0, has XSS via $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'], as demonstrated by an admin entering a crafted site name during the installation process. | 4.8 |
2017-01-23 | CVE-2016-5091 | 7PK - Security Features vulnerability in Typo3 Extbase in TYPO3 4.3.0 before 6.2.24, 7.x before 7.6.8, and 8.1.1 allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted Extbase action. | 8.1 |
2017-01-23 | CVE-2016-4056 | Cross-site Scripting vulnerability in Typo3 Cross-site scripting (XSS) vulnerability in the Backend component in TYPO3 6.2.x before 6.2.19 allows remote attackers to inject arbitrary web script or HTML via the module parameter when creating a bookmark. | 6.1 |