cbcvebase.

Typo3 Cms vulnerabilities

115 known vulnerabilities affecting typo3/cms.

Total CVEs
115
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH28MEDIUM72LOW11

Vulnerabilities

Page 3 of 6
CVE-2014-3944P3MEDIUM≥ 6.2.0, < 6.2.32022-05-17
CVE-2014-3944 [MEDIUM] CWE-287 TYPO3 Improper Session Invalidation TYPO3 Improper Session Invalidation The Authentication component in TYPO3 6.2.0 before 6.2.3 does not properly invalidate timed out user sessions, which allows remote attackers to bypass authentication via unspecified vectors.
ghsaosv
CVE-2022-31047P3MEDIUM≥ 10.0.0, < 10.4.29≥ 11.0.0, < 11.5.112022-06-17
CVE-2022-31047 [MEDIUM] CWE-209 Insertion of Sensitive Information into Log File in typo3/cms-core Insertion of Sensitive Information into Log File in typo3/cms-core > ### Meta > * CVSS: `CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C` (4.9) ### Problem It has been discovered that system internal credentials or keys (e.g. database credentials) have been logged as plaintext in exception handlers, when logging the complete exception stack trace. ### Solution Update to TYPO3 versions
ghsaosv
CVE-2010-5103P3MEDIUM≥ 4.2.0, < 4.2.16≥ 4.3.0, < 4.3.9+1 more2022-05-17
CVE-2010-5103 [MEDIUM] CWE-89 TYPO3 SQL Injection vulnerability TYPO3 SQL Injection vulnerability SQL injection vulnerability in the list module in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via unspecified vectors.
ghsaosv
CVE-2010-1153P3HIGH≥ 4.3.0, < 4.3.32022-05-02
CVE-2010-1153 [HIGH] CWE-94 TYPO3 PHP remote file inclusion vulnerability TYPO3 PHP remote file inclusion vulnerability PHP remote file inclusion vulnerability in the autoloader in TYPO3 4.3.x before 4.3.3 allows remote attackers to execute arbitrary PHP code via a URL in an input field associated with the className variable.
ghsaosv
CVE-2013-4250P4HIGH≥ 6.0.0, < 6.0.8≥ 6.1.0, < 6.1.32022-05-17
CVE-2013-4250 [HIGH] CWE-20 TYPO3 doesn't properly check file extensions TYPO3 doesn't properly check file extensions The (1) file upload component and (2) File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.8 and 6.1.x before 6.1.3 do not properly check file extensions, which allow remote authenticated editors to execute arbitrary PHP code by uploading a .php file.
ghsaosv
CVE-2013-7075P4MEDIUM≥ 4.5.0, < 4.5.32≥ 4.7.0, < 4.7.17+2 more2022-05-17
CVE-2013-7075 [MEDIUM] CWE-502 TYPO3 vulnerable to Insecure Unserialize via Content Editing Wizards component TYPO3 vulnerable to Insecure Unserialize via Content Editing Wizards component The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated backend users to unserialize arbitrary PHP objects, delete arbitrary files, and possibly have other unspecified impacts via an unspecified parame
ghsaosv
CVE-2013-4321P4MEDIUMCVSS 6.5≥ 6.0.0, < 6.0.9≥ 6.1.0, < 6.1.42022-05-17
CVE-2013-4321 [MEDIUM] CWE-94 TYPO3 vulnerable to remote authenticated arbitrary code execution TYPO3 vulnerable to remote authenticated arbitrary code execution The File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.9 and 6.1.x before 6.1.4 allows remote authenticated editors to execute arbitrary PHP code via unspecified characters in the file extension when renaming a file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4250.
ghsaosv
CVE-2011-4627P4MEDIUM≥ 0, < 4.3.12≥ 4.4.0, < 4.4.9+1 more2022-04-22
CVE-2011-4627 [MEDIUM] CWE-200 Typo3 Information Disclosure Typo3 Information Disclosure TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows Information Disclosure on the backend.
ghsaosv
CVE-2020-8091P4MEDIUM≥ 7.0.0, < 7.2.0≥ 6.2.0, < 6.2.392022-05-24
CVE-2020-8091 [MEDIUM] CWE-79 Typo3 Cross-Site Scripting in Flash component (ELTS) Typo3 Cross-Site Scripting in Flash component (ELTS) TYPO3 6.2.0 to 6.2.38 ELTS and 7.0.0 to 7.1.0 included a vulnerable external component, which could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system.
ghsaosv
CVE-2014-3945P4CRITICAL≥ 0, < 6.2.02022-05-17
CVE-2014-3945 [CRITICAL] CWE-287 TYPO3 vulnerable to authentication bypass via leveraging knowledge of password hash TYPO3 vulnerable to authentication bypass via leveraging knowledge of password hash The Authentication component in TYPO3 before 6.2, when salting for password hashing is disabled, does not require knowledge of the cleartext password if the password hash is known, which allows remote attackers to bypass authentication and gain access to the backend by leveraging knowledge of a pa
ghsaosv
CVE-2018-14041P4MEDIUMCVSS 6.1≥ 8.0.0, < 8.7.23≥ 9.0.0, < 9.5.42018-09-13
CVE-2018-14041 [MEDIUM] CWE-79 Bootstrap Cross-site Scripting vulnerability Bootstrap Cross-site Scripting vulnerability In Bootstrap 4.x before 4.1.2, XSS is possible in the data-target property of scrollspy. This is similar to CVE-2018-14042.
ghsaosv
CVE-2021-21338P4MEDIUM≥ 10.0.0, < 10.4.14≥ 11.0.0, < 11.1.1+1 more2021-03-23
CVE-2021-21338 [MEDIUM] CWE-601 Open Redirection in Login Handling Open Redirection in Login Handling ### Problem It has been discovered that Login Handling is susceptible to open redirection which allows attackers redirecting to arbitrary content, and conducting phishing attacks. No authentication is required in order to exploit this vulnerability. ### Solution Update to TYPO3 versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 that fix the problem described. ### Credits Thanks to Alexa
ghsaosv
CVE-2011-4900P4MEDIUM≥ 0, < 4.5.42022-04-22
CVE-2011-4900 [MEDIUM] CWE-200 Typo3 Information Disclosure Typo3 Information Disclosure TYPO3 before 4.5.4 allows Information Disclosure in the backend.
ghsaosv
CVE-2012-1605P4MEDIUM≥ 4.6, < 4.6.7≥ 4.4.0, < 4.4.14+1 more2022-05-17
CVE-2012-1605 [MEDIUM] CWE-502 Typo3 Extbase Framework Unsafe Deserialization Typo3 Extbase Framework Unsafe Deserialization The Extbase Framework in TYPO3 4.6.x through 4.6.6, 4.7, and 6.0 unserializes untrusted data, which allows remote attackers to unserialize arbitrary objects and possibly execute arbitrary code via vectors related to "a missing signature (HMAC) for a request argument."
ghsaosv
CVE-2012-3527P4MEDIUM≥ 4.5.0, < 4.5.19≥ 4.6.0, < 4.6.12+1 more2022-05-17
CVE-2012-3527 [MEDIUM] CWE-502 TYPO3 allows remote authenticated backend users to unserialize arbitrary objects TYPO3 allows remote authenticated backend users to unserialize arbitrary objects view_help.php in the backend help system in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to unserialize arbitrary objects and possibly execute arbitrary PHP code via an unspecified parameter, related to a "missing signature (HMAC)."
ghsaosv
CVE-2021-41114P4MEDIUMCVSS 5.0≥ 11.0.0, < 11.5.02021-10-05
CVE-2021-41114 [MEDIUM] CWE-20 HTTP Host Header Injection HTTP Host Header Injection ### Meta * CVSS: `CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:F/RL:O/RC:C` (3.5) ### Problem It has been discovered that TYPO3 CMS is susceptible to host spoofing due to improper validation of the HTTP _Host_ header. TYPO3 uses the HTTP _Host_ header, for example, to generate absolute URLs during the frontend rendering process. Since the host header itself is provided by the client, it can be forged to any
ghsaosv
CVE-2022-36106P4MEDIUM≥ 10.4.0, < 10.4.32≥ 11.0.0, < 11.5.162022-09-16
CVE-2022-36106 [MEDIUM] CWE-287 TYPO3 CMS missing check for expiration time of password reset token for backend users TYPO3 CMS missing check for expiration time of password reset token for backend users > ### Meta > * CVSS: `CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:F/RL:O/RC:C` (5.0) ### Problem It has been discovered that the expiration time of a password reset link for TYPO3 backend users has never been evaluated. As a result, a password reset link could be used to perform a password
ghsaosv
CVE-2022-23502P4MEDIUM≥ 10.0.0, < 10.4.33≥ 11.0.0, < 11.5.20+1 more2022-12-13
CVE-2022-23502 [MEDIUM] CWE-613 TYPO3 CMS vulnerable to Insufficient Session Expiration after Password Reset TYPO3 CMS vulnerable to Insufficient Session Expiration after Password Reset ### Problem When users reset their password using the corresponding password recovery functionality, existing sessions for that particular user account were not revoked. This applied to both frontend user sessions and backend user sessions. ### Solution Update to TYPO3 versions 10.4.33, 11.5.20, 12.1.1 that fix
ghsaosv
CVE-2022-36105P4MEDIUM≥ 10.0.0, < 10.4.32≥ 11.0.0, < 11.5.162022-09-16
CVE-2022-36105 [MEDIUM] CWE-203 TYPO3 CMS vulnerable to User Enumeration via Response Timing TYPO3 CMS vulnerable to User Enumeration via Response Timing > ### Meta > * CVSS: `CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C` (4.9) ### Problem It has been discovered that observing response time during user authentication (backend and frontend) can be used to distinguish between existing and non-existing user accounts. Extension authors of 3rd party TYPO3 extensions providing a custo
ghsaosv
CVE-2021-32768P4MEDIUM≥ 10.0.0, < 10.4.19≥ 11.0.0, < 11.3.2+3 more2021-08-19
CVE-2021-32768 [MEDIUM] CWE-79 Cross-Site Scripting via Rich-Text Content Cross-Site Scripting via Rich-Text Content > ### Meta > * CVSS: `CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC` (5.7) ### Problem Failing to properly parse, sanitize and encode malicious rich-text content, the content rendering process in the website frontend is vulnerable to cross-site scripting. Corresponding rendering instructions via TypoScript functionality _[HTMLparser](https://docs.typo3.org/m/typo3/ref
ghsaosv
Typo3 Cms vulnerabilities | cvebase