| Title |
Severity |
Exploit |
Date |
Affected Version |
|
CVE-2025-47940
|
High
|
|
May 20, 2025
|
>= 10.4.0 < 10.4.50
>= 11.0.0 < 11.5.44
>= 12.0.0 < 12.4.31
>= 13.0.0 < 13.4.12
|
|
CVE-2025-47939
|
Medium
|
|
May 20, 2025
|
>= 9.0.0 < 9.5.51
>= 10.0.0 < 10.4.50
>= 11.0.0 < 11.5.44
>= 12.0.0 < 12.4.31
>= 13.0.0 < 13.4.12
|
|
CVE-2025-47938
|
Low
|
|
May 20, 2025
|
>= 9.0.0 < 9.5.51
>= 10.0.0 < 10.4.50
>= 11.0.0 < 11.5.44
>= 12.0.0 < 12.4.31
>= 13.0.0 < 13.4.12
|
|
CVE-2025-47937
|
Low
|
|
May 20, 2025
|
>= 9.0.0 < 9.5.51
>= 10.0.0 < 10.4.50
>= 11.0.0 < 11.5.44
>= 12.0.0 < 12.4.31
>= 13.0.0 < 13.4.12
|
|
CVE-2024-55892
|
Medium
|
|
Jan 14, 2025
|
>= 9.0.0 < 9.5.49
>= 10.0.0 < 10.4.48
>= 11.0.0 < 11.5.42
>= 12.0.0 < 12.4.25
>= 13.0.0 < 13.4.3
|
|
TYPO3 Possible Insecure Deserialization in Extbase Request Handling
|
High
|
|
May 30, 2024
|
>= 8.0.0 < 8.7.30
>= 9.0.0 < 9.5.12
|
|
TYPO3 Cross-Site Scripting in Filelist Module
|
Medium
|
|
May 30, 2024
|
>= 10.0.0 < 10.2.1
>= 8.0.0 < 8.7.30
>= 9.0.0 < 9.5.12
|
|
TYPO3 Cross-Site Scripting in Link Handling
|
Medium
|
|
May 30, 2024
|
>= 10.0.0 < 10.2.1
>= 8.0.0 < 8.7.30
>= 9.0.0 < 9.5.12
|
|
TYPO3 Cross-Site Scripting in Form Framework validation handling
|
Medium
|
|
May 30, 2024
|
>= 10.0.0 < 10.2.1
>= 8.0.0 < 8.7.30
>= 9.0.0 < 9.5.12
|
|
TYPO3 Arbitrary Code Execution and Cross-Site Scripting in Backend API
|
High
|
|
May 30, 2024
|
>= 8.0.0 < 8.7.27
>= 9.0.0 < 9.5.8
|
typo3 / cms-core