Vulnerabilities > Typo3 > Typo3 > 8.7.19

DATE CVE VULNERABILITY TITLE RISK
2020-11-23 CVE-2020-26227 Cross-site Scripting vulnerability in Typo3
TYPO3 is an open source PHP based web content management system.
network
typo3 CWE-79
4.3
4.3
2019-12-17 CVE-2019-19850 SQL Injection vulnerability in Typo3
An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2.
network
low complexity
typo3 CWE-89
6.5
6.5
2019-12-17 CVE-2019-19849 Deserialization of Untrusted Data vulnerability in Typo3
An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2.
network
low complexity
typo3 CWE-502
6.5
6.5
2019-12-17 CVE-2019-19848 Path Traversal vulnerability in Typo3
An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2.
network
low complexity
typo3 CWE-22
6.5
6.5
2019-07-09 CVE-2019-12748 Cross-site Scripting vulnerability in Typo3
TYPO3 8.3.0 through 8.7.26 and 9.0.0 through 9.5.7 allows XSS.
network
low complexity
typo3 CWE-79
6.1
6.1
2019-07-09 CVE-2019-12747 Deserialization of Untrusted Data vulnerability in Typo3
TYPO3 8.x through 8.7.26 and 9.x through 9.5.7 allows Deserialization of Untrusted Data.
network
low complexity
typo3 CWE-502
8.8
8.8
2019-05-09 CVE-2019-11832 Improper Input Validation vulnerability in Typo3
TYPO3 8.x before 8.7.25 and 9.x before 9.5.6 allows remote code execution because it does not properly configure the applications used for image processing, as demonstrated by ImageMagick or GraphicsMagick.
network
typo3 CWE-20
critical
 9.3
9.3