Vulnerabilities for cms

craftcms / cms

Title	Severity	Date	Affected Version
CVE-2023-30130	High	May 12, 2023	<= 3.8.1
CVE-2023-31144	Medium	May 9, 2023	>= 3.0.0 < 3.8.4 >= 4.0.0 < 4.4.4
CVE-2023-30177	Medium	Apr 25, 2023	< 3.7.68
CVE-2023-23927	Medium	Mar 3, 2023	>= 4.0.0-RC1 < 4.3.7 >= 3.7.24 < 3.7.64
CVE-2022-37783	High	Dec 5, 2022	>= 3.0.0 < 3.7.33
CVE-2022-37246	Medium	Sep 21, 2022	>= 4.0.0-RC1 < 4.2.1 >= 3.7.39 < 3.7.51
CVE-2022-37247	Medium	Sep 16, 2022	>= 4.0.0-RC1 < 4.2.1
CVE-2022-37251	Medium	Sep 16, 2022	>= 3.7.0-beta.1 < 3.7.55.2 >= 4.0.0-RC1 < 4.2.1
CVE-2022-37248	Medium	Sep 16, 2022	>= 4.0.0-RC1 < 4.2.1
CVE-2022-37250	Medium	Sep 16, 2022	>= 4.0.0-RC1 < 4.2.1

Title	Severity	Date	Affected Version
Typo3 Arbitrary Code Execution and Cross-Site Scripting in Backend API	Medium	Jun 5, 2024	>= 8.0.0 < 8.7.27 >= 9.0.0 < 9.5.8
Typo3 Security Misconfiguration in Frontend Session Handling	Medium	Jun 5, 2024	>= 8.0.0 < 8.7.27 >= 9.0.0 < 9.5.8
Typo3 Security Misconfiguration in User Session Handling	Medium	Jun 5, 2024	>= 8.0.0 < 8.7.25 >= 9.0.0 < 9.5.6
Typo3 Information Disclosure in Backend User Interface	Medium	Jun 5, 2024	>= 8.0.0 < 8.7.27 >= 9.0.0 < 9.5.8
Typo3 Information Disclosure in User Authentication	Medium	Jun 5, 2024	>= 9.0.0 < 9.5.6
Cross-Site Scripting in TYPO3 CMS Backend	Medium	Jun 5, 2024	>= 8.0.0 < 8.7.5
Cross-Site Scripting in TYPO3 CMS	Medium	Jun 5, 2024	>= 7.6.0 < 7.6.16 >= 8.0.0 < 8.6.1
Insecure Unserialize in TYPO3 Backend	Medium	Jun 5, 2024	>= 6.2.0 < 6.2.29 >= 7.6.0 < 7.6.13 >= 8.0.0 < 8.4.1
Cache Flooding in TYPO3 Frontend	Medium	Jun 5, 2024	>= 6.2.0 < 6.2.27 >= 7.6.0 < 7.6.11 >= 8.0.0 < 8.3.1
Authentication Bypass in TYPO3 Frontend	Medium	Jun 5, 2024	>= 8.2.0 < 8.6.1

Title	Severity	Date	Affected Version
CVE-2021-29460	High	Apr 27, 2021	< 3.5.4
CVE-2020-26255	Medium	Dec 8, 2020	>= 3.0.0 < 3.4.5
CVE-2020-26253	Medium	Dec 8, 2020	>= 3.0.0 < 3.3.6