Lucene search

CVE-2020-26229

🗓️ 23 Nov 2020 22:12:15Reported by GitHub_MType

TYPO3 before 10.4.10 allows XML external entity processing in RSS widgets

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 12
OSV	CVE-2020-26229	23 Nov 202022:15	–	osv
OSV	BIT-typo3-2020-26229	6 Mar 202411:11	–	osv
OSV	XML External Entity in Dashboard Widget	23 Nov 202021:18	–	osv
Github Security Blog	XML External Entity in Dashboard Widget	23 Nov 202021:18	–	github
Cvelist	CVE-2020-26229 XML External Entity in Dashboard Widget	23 Nov 202021:15	–	cvelist
NVD	CVE-2020-26229	23 Nov 202022:15	–	nvd
OpenVAS	TYPO3 XXE Vulnerability (TYPO3-CORE-SA-2020-012)	17 May 202100:00	–	openvas
Friends Of PHP	TYPO3-CORE-SA-2020-012: XML External Entity in Dashboard Widget	17 Nov 202008:51	–	friendsofphp
Friends Of PHP	TYPO3-CORE-SA-2020-012: XML External Entity in Dashboard Widget	17 Nov 202008:51	–	friendsofphp
Prion	Xxe	23 Nov 202022:15	–	prion

Nvd

Vulners

Node

typo3 typo3Range10.0.0–10.4.10

[
  {
    "product": "TYPO3.CMS",
    "vendor": "TYPO3",
    "versions": [
      {
        "status": "affected",
        "version": ">= 10.0.0, < 10.4.10"
      }
    ]
  }
]

Source	Link
typo3	www.typo3.org/security/advisory/typo3-core-sa-2020-012
github	www.github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-q9cp-mc96-m4w2

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

23 Nov 2020 22:15Current

4Medium risk

Vulners AI Score4

CVSS23.6

CVSS33.7

EPSS0.0027

CWE-611