-
TYPO3-CORE-SA-2021-007: Cross-Site Scripting in Content Preview
Categories: Development, TYPO3 CMSAdvisory type: TYPO3 CMSRead moreIt has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.
-
TYPO3-CORE-SA-2021-006: Cleartext storage of session identifier
Categories: Development, TYPO3 CMSAdvisory type: TYPO3 CMSRead moreIt has been discovered that TYPO3 CMS is susceptible to sensitive data exposure.
-
TYPO3-CORE-SA-2021-005: Denial of Service in Page Error Handling
Categories: Development, TYPO3 CMSAdvisory type: TYPO3 CMSRead moreIt has been discovered that TYPO3 CMS is susceptible to denial of service.
-
TYPO3-CORE-SA-2021-004: Cross-Site Scripting in Form Framework
Categories: Development, TYPO3 CMSAdvisory type: TYPO3 CMSRead moreIt has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.
-
TYPO3-CORE-SA-2021-003: Broken Access Control in Form Framework
Categories: Development, TYPO3 CMSAdvisory type: TYPO3 CMSRead moreIt has been discovered that TYPO3 CMS is vulnerable to broken access control.
-
TYPO3-CORE-SA-2021-002: Unrestricted File Upload in Form Framework
Categories: Development, TYPO3 CMSAdvisory type: TYPO3 CMSRead moreIt has been discovered that TYPO3 CMS is vulnerable to unrestricted file upload.
-
TYPO3-CORE-SA-2021-001: Open Redirection in Login Handling
Categories: Development, TYPO3 CMSAdvisory type: TYPO3 CMSRead moreIt has been discovered that TYPO3 CMS is susceptible to open redirection.
-
TYPO3-EXT-SA-2021-003: Cross-Site Scripting in extension "Aimeos shop and e-commerce framework" (aimeos)
Categories: Development, SecurityAdvisory type: TYPO3 ExtensionsRead moreIt has been discovered that the extension"Aimeos shop and e-commerce framework" (aimeos) is susceptible to Cross-Site Scripting.
-
TYPO3-EXT-SA-2021-002: Denial of Service in extension "Code Highlight" (codehighlight)
Categories: Development, SecurityAdvisory type: TYPO3 ExtensionsRead moreIt has been discovered that the extension "Code Highlight" (codehighlight) is susceptible to Denial of Service.
-
TYPO3-EXT-SA-2021-001: SQL Injection in extension "VHS: Fluid ViewHelpers" (vhs)
Categories: Development, SecurityAdvisory type: TYPO3 ExtensionsRead moreIt has been discovered that the extension "VHS: Fluid ViewHelpers" (vhs) is susceptible to SQL Injection.