| Title |
Severity |
Exploit |
Date |
Affected Version |
|
TYPO3 is susceptible to Cross-Site Flashing
|
Medium
|
|
Jun 3, 2024
|
>= 6.2.0 < 6.2.16
|
|
Multiple Cross-Site Scripting vulnerabilities in TYPO3 backend
|
Medium
|
|
Jun 3, 2024
|
>= 6.2.0 < 6.2.16
>= 7.0.0 < 7.6.1
|
|
TYPO3 Cross-Site Scripting vulnerability in typolinks
|
Medium
|
|
May 30, 2024
|
>= 6.2.0 < 6.2.16
>= 7.0.0 < 7.6.1
|
|
TYPO3 Frontend vulnerable to Unauthenticated Path Disclosure
|
Medium
|
|
May 30, 2024
|
>= 6.2.0 < 6.2.15
>= 7.0.0 < 7.4.0
|
|
TYPO3 Brute Force Protection Bypass in backend login
|
Medium
|
|
May 30, 2024
|
>= 6.2.0 < 6.2.14
>= 7.0.0 < 7.3.1
|
|
TYPO3 Information Disclosure Vulnerability Exploitable by Editors
|
Medium
|
|
May 30, 2024
|
>= 6.2.0 < 6.2.14
>= 7.0.0 < 7.3.1
|
|
TYPO3 Cross-Site Scripting Vulnerability Exploitable by Editors
|
Medium
|
|
May 30, 2024
|
>= 6.2.0 < 6.2.14
>= 7.0.0 < 7.3.1
|
|
TYPO3 frontend login vulnerable to Session Fixation
|
High
|
|
May 30, 2024
|
>= 6.2.0 < 6.2.14
>= 7.0.0 < 7.3.1
|
|
TYPO3 may allow editors to change, create, or delete metadata of files not within their file mounts
|
High
|
|
May 30, 2024
|
>= 6.2.0 < 6.2.14
>= 7.0.0 < 7.3.1
|
|
TYPO3 possible cache poisoning on the homepage when anchors are used
|
High
|
|
May 30, 2024
|
>= 6.2.0 < 6.2.9
>= 7.0.0 < 7.0.2
|
typo3 / cms