It has been discovered that the extension "hCaptcha for EXT:form" (hcaptcha) is susceptible to Broken Access Control.

It has been discovered that the extension "Canto Extension" (canto_extension) is susceptible to Server Side Request Forgery and Remote Code Execution.

It has been discovered that the extension "ipandlanguageredirect" (ipandlanguageredirect) is susceptible to SQL Injection.

It has been discovered that the extension "Faceted Search" (ke_search) is susceptible to Cross-Site Scripting.

It has been discovered that the extension "Fluid Components" (fluid_components) is susceptible to Cross-Site Scripting.

It has been discovered that the extension "Forms Export" (frp_form_answers) is susceptible to Cross-Site Scripting.

It has been discovered that the extension "femanager" (femanager) is susceptible to Broken Access Control.

It has been discovered that the extension "Master-Quiz" (fp_masterquiz) is susceptible to Information Disclosure and Broken Access Control.

It has been discovered that the extension "Newsletter subscriber management" (fp_newsletter) is susceptible to Information Disclosure and Broken…

It has been discovered that the extension "Change password for frontend users" (fe_change_pwd) is susceptible to insufficient session expiration.