cbcvebase.

Typo3 Cms vulnerabilities

115 known vulnerabilities affecting typo3/cms.

Total CVEs
115
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH28MEDIUM72LOW11

Vulnerabilities

Page 4 of 6
CVE-2012-1607P4MEDIUM≥ 4.4.0, ≤ 4.4.13≥ 4.5.0, ≤ 4.5.13+1 more2022-05-17
CVE-2012-1607 [MEDIUM] CWE-200 TYPO3 allows remote attackers to obtain the database name via a direct request TYPO3 allows remote attackers to obtain the database name via a direct request The Command Line Interface (CLI) script in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allows remote attackers to obtain the database name via a direct request.
ghsaosv
CVE-2014-3941P4MEDIUM≥ 4.5.0, < 4.5.34≥ 4.7.0, < 4.7.19+3 more2022-05-14
CVE-2014-3941 [MEDIUM] CWE-20 Typo3 Host Header Spoofing Vulnerability Typo3 Host Header Spoofing Vulnerability TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allows remote attackers to have unspecified impact via a crafted HTTP Host header, related to "Host Spoofing."
ghsaosv
CVE-2023-24814P4HIGH≥ 10.0.0, < 10.4.35≥ 11.0.0, < 11.5.23+1 more2023-02-08
CVE-2023-24814 [HIGH] CWE-79 TYPO3 is vulnerable to Cross-Site Scripting via frontend rendering TYPO3 is vulnerable to Cross-Site Scripting via frontend rendering > ### CVSS: `CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:F/RL:O/RC:C` (8.2) ### Problem TYPO3 core component `GeneralUtility::getIndpEnv()` uses the unfiltered server environment variable `PATH_INFO`, which allows attackers to inject malicious content. In combination with the TypoScript setting [`config.absRefPrefix=auto`](https:
ghsaosv
CVE-2018-17960P4MEDIUM≥ 8.0.0, < 8.7.21≥ 9.0.0, < 9.5.22018-11-21
CVE-2018-17960 [MEDIUM] CWE-79 Ckeditor XSS Vulnerability Ckeditor XSS Vulnerability CKEditor 4.x before 4.11.0 allows user-assisted XSS involving a source-mode paste. It was possible to execute XSS inside the CKEditor source area after persuading the victim to: (i) switch CKEditor to source mode, then (ii) paste a specially crafted HTML code, prepared by the attacker, into the opened CKEditor source area, and (iii) switch back to WYSIWYG mode. Although this is an unlikely scenario, it is recom
ghsaosv
CVE-2020-15241P4MEDIUM≥ 8.0.0, < 8.7.25≥ 9.0.0, < 9.5.62020-10-08
CVE-2020-15241 [MEDIUM] CWE-601 Cross-Site Scripting in ternary conditional operator Cross-Site Scripting in ternary conditional operator > ### Meta > * CVSS: `CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C`(5.0) > * CWE-79 --- :information_source: This vulnerability has been fixed in May 2019 already, CVE and GHSA were assigned later in October 2020 --- ### Problem It has been discovered that the Fluid Engine (package `typo3fluid/fluid`) is vulnerable to cross-site scripting wh
ghsaosv
CVE-2021-21370P4MEDIUM≥ 10.0.0, < 10.4.14≥ 11.0.0, < 11.1.1+1 more2021-03-23
CVE-2021-21370 [MEDIUM] CWE-79 Cross-Site Scripting in Content Preview (CType menu) Cross-Site Scripting in Content Preview (CType menu) ### Problem It has been discovered that content elements of type _menu_ are vulnerable to cross-site scripting when their referenced items get previewed in the page module. A valid backend user account is needed to exploit this vulnerability. ### Solution Update to TYPO3 versions 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 that fix the problem described. ### Cre
ghsaosv
CVE-2021-21358P4MEDIUM≥ 10.0.0, < 10.4.14≥ 11.0.0, < 11.1.12021-03-23
CVE-2021-21358 [MEDIUM] CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in typo3/cms-form Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in typo3/cms-form ### Problem It has been discovered that the Form Designer backend module of the Form Framework is vulnerable to cross-site scripting. A valid backend user account with access to the form module is needed to exploit this vulnerability. ### Solution Update to TYP
ghsaosv
CVE-2021-21340P4MEDIUM≥ 10.0.0, < 10.4.14≥ 11.0.0, < 11.1.12021-03-23
CVE-2021-21340 [MEDIUM] CWE-79 Cross-Site Scripting in Content Preview Cross-Site Scripting in Content Preview ### Problem It has been discovered that database fields used as _descriptionColumn_ are vulnerable to cross-site scripting when their content gets previewed in the page module. A valid backend user account is needed to exploit this vulnerability. ### Solution Update to TYPO3 versions 10.4.14, 11.1.1 that fix the problem described. ### Credits Thanks to Richie Lee who reported this is
ghsaosv
CVE-2022-36107P4MEDIUM≥ 10.0.0, < 10.4.32≥ 11.0.0, < 11.5.162022-09-16
CVE-2022-36107 [MEDIUM] CWE-79 TYPO3 CMS Stored Cross-Site Scripting via FileDumpController TYPO3 CMS Stored Cross-Site Scripting via FileDumpController > ### Meta > * CVSS: `CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C` (5.0) ### Problem It has been discovered that the `FileDumpController` (backend and frontend context) is vulnerable to cross-site scripting when malicious files are displayed using this component. A valid backend user account is needed to exploit this vulnerabili
ghsaosv
CVE-2020-26227P4MEDIUM≥ 10.0.0, < 10.4.10≥ 9.0.0, < 9.5.23+1 more2020-12-21
CVE-2020-26227 [MEDIUM] CWE-79 Cross-Site Scripting in Fluid view helpers Cross-Site Scripting in Fluid view helpers > ### Meta > * CVSS: `CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C` (5.7) > * CWE-79 ### Problem It has been discovered that system extension Fluid (`typo3/cms-fluid`) of the TYPO3 core is vulnerable to cross-site scripting passing user-controlled data as argument to Fluid view helpers. ``` ``` ### Solution Update to TYPO3 versions 9.5.23 or 10.4.10 that fix th
ghsaosv
CVE-2022-31048P4MEDIUM≥ 10.0.0, < 10.4.29≥ 11.0.0, < 11.5.112022-06-17
CVE-2022-31048 [MEDIUM] CWE-79 Cross-Site Scripting in TYPO3's Form Framework Cross-Site Scripting in TYPO3's Form Framework > ### Meta > * CVSS: `CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C` (4.9) ### Problem It has been discovered that the Form Designer backend module of the Form Framework is vulnerable to cross-site scripting. A valid backend user account with access to the form module is needed to exploit this vulnerability. ### Solution Update to TYPO3 versions 8.7.47 ELTS
ghsaosv
CVE-2022-31049P4MEDIUM≥ 10.0.0, < 10.4.29≥ 11.0.0, < 11.5.112022-06-17
CVE-2022-31049 [MEDIUM] CWE-79 Cross-Site Scripting in TYPO3's Frontend Login Mailer Cross-Site Scripting in TYPO3's Frontend Login Mailer > ### Meta > * CVSS: `CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C` (4.9) ### Problem User submitted content was used without being properly encoded in HTML emails sent to users. The actually affected components were mail clients used to view those messages. ### Solution Update to TYPO3 versions 9.5.35 ELTS, 10.4.29, 11.5.11 that fix the prob
ghsaosv
CVE-2010-5101P4MEDIUM≥ 4.2.0, < 4.2.16≥ 4.3.0, < 4.3.9+1 more2022-05-17
CVE-2010-5101 [MEDIUM] CWE-22 TYPO3 Directory Traversal vulnerability TYPO3 Directory Traversal vulnerability Directory traversal vulnerability in the TypoScript setup in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated administrators to read arbitrary files via unspecified vectors related to the "file inclusion functionality."
ghsaosv
CVE-2014-9508P4MEDIUM≥ 4.5.0, < 4.5.39≥ 4.6.0, < 6.2.9+1 more2022-05-17
CVE-2014-9508 [MEDIUM] CWE-59 Typo3 Open Redirect In Frontend Rendering Typo3 Open Redirect In Frontend Rendering The frontend rendering component in TYPO3 4.5.x before 4.5.39, 4.6.x through 6.2.x before 6.2.9, and 7.x before 7.0.2, allows remote attackers to change URLs to arbitrary domains. An attacker could forge a request which modifies anchor only links on the homepage of a TYPO3 installation such that they point to arbitrary domains, if the configuration option `config.prefixLocalAnchors
ghsaosv
CVE-2015-8760P4MEDIUM≥ 6.2.0, < 6.2.162022-05-17
CVE-2015-8760 [MEDIUM] CWE-20 TYPO3 allows remote attackers to embed Flash videos from external domain TYPO3 allows remote attackers to embed Flash videos from external domain The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka "Cross-Site Flashing."
ghsaosv
CVE-2022-36108P4MEDIUM≥ 10.3.0, < 10.4.32≥ 11.0.0, < 11.5.162022-09-16
CVE-2022-36108 [MEDIUM] CWE-79 TYPO3 CMS vulnerable to Cross-Site Scripting in <f:asset.css> view helper TYPO3 CMS vulnerable to Cross-Site Scripting in view helper > ### Meta > * CVSS: `CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C` (4.1) ### Problem It has been discovered that the `f:asset.css` view helper is vulnerable to cross-site scripting when user input is passed as variables to the CSS. ### Solution Update to TYPO3 version 10.4.32 or 11.5.16 that fix the problem describe
ghsaosv
CVE-2022-36020P4MEDIUM≥ 10.0.0, < 10.4.32≥ 11.0.0, < 11.5.162022-09-16
CVE-2022-36020 [MEDIUM] CWE-79 TYPO3 HTML Sanitizer Bypasses Cross-Site Scripting Protection TYPO3 HTML Sanitizer Bypasses Cross-Site Scripting Protection > ### Meta > * CVSS: `CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C` (5.7) ### Problem Due to a parsing issue in upstream package [`masterminds/html5`](https://packagist.org/packages/masterminds/html5), malicious markup used in a sequence with special HTML comments cannot be filtered and sanitized. This allows to by-pass the cro
ghsaosv
CVE-2021-32669P4MEDIUM≥ 10.0.0, < 10.4.18≥ 11.0.0, < 11.3.1+1 more2021-07-22
CVE-2021-32669 [MEDIUM] CWE-79 Cross-Site Scripting in Backend Grid View Cross-Site Scripting in Backend Grid View ### Problem Failing to properly encode settings for _backend layouts_, the corresponding grid view is vulnerable to persistent cross-site scripting. A valid backend user account is needed to exploit this vulnerability. ### Solution Update to TYPO3 versions 8.7.41 ELTS, 9.5.28, 10.4.18, 11.3.1 that fix the problem described. ### Credits Thanks to TYPO3 core merger Oliver Bartsch w
ghsaosv
CVE-2021-32667P4MEDIUM≥ 10.0.0, < 10.4.18≥ 11.0.0, < 11.3.1+1 more2021-07-22
CVE-2021-32667 [MEDIUM] CWE-79 Cross-Site Scripting in Page Preview Cross-Site Scripting in Page Preview > ### Meta > * CVSS: `CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC` (5.0) ### Problem Failing to properly encode _Page TSconfig_ settings, corresponding page preview module (_Web>View_) is vulnerable to persistent cross-site scripting. A valid backend user account is needed to exploit this vulnerability. ### Solution Update to TYPO3 versions 9.5.28, 10.4.18, 11.3.1 that fix the
ghsaosv
CVE-2022-23504P4MEDIUM≥ 10.0.0, < 10.4.33≥ 11.0.0, < 11.5.20+1 more2022-12-13
CVE-2022-23504 [MEDIUM] CWE-200 TYPO3 CMS vulnerable to Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration TYPO3 CMS vulnerable to Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration > ### CVSS: `CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L/E:F/RL:O/RC:C` (5.3) ### Problem Due to the lack of handling user-submitted [YAML placeholder expressions](https://docs.typo3.org/m/typo3/reference-coreapi/main/en-us/Configuration/Yam
ghsaosv
Typo3 Cms vulnerabilities | cvebase