It has been discovered that the extension "Authenticator" (defbu_authenticator) is susceptible to Denial of Service.

It has been discovered that the extension "View frontend statistics" (view_statistics) is susceptible to Sensitive Data Exposure.

It has been discovered that the extension "phpmyadmin" (phpmyadmin) is susceptible to SQL Injection and Cross-Site Scripting.

It has been discovered that the extension "Event management and registration" (sf_event_mgt) is susceptible to Information Disclosure and Broken…

It has been discovered that the extension "Localization Manager" (l10nmgr) is susceptible to Information Disclosure.

It has been discovered that the extension "Kitodo.Presentation" (dlf) is susceptible to Cross-Site Scripting.

It has been discovered that the extension "Media Content Element" (mediace) is susceptible to Sensitive Information Disclosure.

It has been discovered that the extension "mm_forum" (mm_forum) is susceptible to Cross Site Scripting and CSRF.

It has been discovered that the extension "Google reCAPTCHA (v2/v3)" (jh_captcha) is susceptible to Cross-Site Scripting.

It has been discovered that the extension "Turn!" (turn) is susceptible to Remote Code Execution.