Typo3 Information Disclosure in User Authentication
It has been discovered that login failures have been logged on the default stream with log level "warning" including plain-text user...
7.3AI Score
Typo3 Information Disclosure in User Authentication
It has been discovered that login failures have been logged on the default stream with log level "warning" including plain-text user...
7.3AI Score
Cross-Site Scripting in TYPO3 CMS Backend
Failing to properly encode user input, backend forms are vulnerable to Cross-Site Scripting. A valid backend user account is needed to exploit this...
7AI Score
Cross-Site Scripting in TYPO3 CMS Backend
Failing to properly encode user input, backend forms are vulnerable to Cross-Site Scripting. A valid backend user account is needed to exploit this...
7AI Score
Cross-Site Scripting in TYPO3 CMS
Failing to properly encode user input, several places of the TYPO3 CMS are vulnerable to Cross-Site...
7AI Score
Cross-Site Scripting in TYPO3 CMS
Failing to properly encode user input, several places of the TYPO3 CMS are vulnerable to Cross-Site...
7AI Score
Insecure Unserialize in TYPO3 Backend
Failing to properly validate incoming data, the suggest wizard is susceptible to insecure unserialize. To exploit this vulnerability a valid backend user account is...
7AI Score
Insecure Unserialize in TYPO3 Backend
Failing to properly validate incoming data, the suggest wizard is susceptible to insecure unserialize. To exploit this vulnerability a valid backend user account is...
7AI Score
Cache Flooding in TYPO3 Frontend
Links with a valid cHash argument lead to newly generated page cache entries. Because the cHash is not bound to a specific page, attackers could use valid cHash arguments for multiple pages, leading to additional useless page cache entries. Depending on the number of pages in the system and the...
7AI Score
Cache Flooding in TYPO3 Frontend
Links with a valid cHash argument lead to newly generated page cache entries. Because the cHash is not bound to a specific page, attackers could use valid cHash arguments for multiple pages, leading to additional useless page cache entries. Depending on the number of pages in the system and the...
7AI Score
Authentication Bypass in TYPO3 Frontend
Due to late TCA initialization the authentication service fails to restrict frontend user according to the validation rules. Therefore it is possible to authenticate restricted (e.g. disabled) frontend...
7.3AI Score
Authentication Bypass in TYPO3 Frontend
Due to late TCA initialization the authentication service fails to restrict frontend user according to the validation rules. Therefore it is possible to authenticate restricted (e.g. disabled) frontend...
7.3AI Score
Authentication Bypass in TYPO3 CMS
It has been discovered that TYPO3’s Salted Password system extension (which is a mandatory system component) is vulnerable to Authentication Bypass when using hashing methods which are related by PHP class inheritance. In standard TYPO3 core distributions stored passwords using the blowfish...
6.9AI Score
Authentication Bypass in TYPO3 CMS
It has been discovered that TYPO3’s Salted Password system extension (which is a mandatory system component) is vulnerable to Authentication Bypass when using hashing methods which are related by PHP class inheritance. In standard TYPO3 core distributions stored passwords using the blowfish...
6.9AI Score
Information Disclosure in TYPO3 CMS
Failing to properly check user permission on file storages, editors could gain knowledge of protected storages and its folders as well as using them in a file collection being rendered in the frontend. A valid backend user account is needed to exploit this...
7.2AI Score
Information Disclosure in TYPO3 CMS
Failing to properly check user permission on file storages, editors could gain knowledge of protected storages and its folders as well as using them in a file collection being rendered in the frontend. A valid backend user account is needed to exploit this...
7.2AI Score
Insecure Deserialization & Arbitrary Code Execution in TYPO3 CMS
Phar files (formerly known as "PHP archives") can act als self extracting archives which leads to the fact that source code is executed when Phar files are invoked. The Phar file format is not limited to be stored with a dedicated file extension - "bundle.phar" would be valid as well as...
6.9AI Score
Insecure Deserialization & Arbitrary Code Execution in TYPO3 CMS
Phar files (formerly known as "PHP archives") can act als self extracting archives which leads to the fact that source code is executed when Phar files are invoked. The Phar file format is not limited to be stored with a dedicated file extension - "bundle.phar" would be valid as well as...
6.9AI Score
Information Disclosure in TYPO3 CMS
HTTP requests being performed using the TYPO3 API expose the specific TYPO3 version to the called...
7.1AI Score
Information Disclosure in TYPO3 CMS
HTTP requests being performed using the TYPO3 API expose the specific TYPO3 version to the called...
7.1AI Score
dotmesh arbitrary file read and/or write in github.com/dotmesh-io/dotmesh
dotmesh arbitrary file read and/or write in...
8.1CVSS
8.1AI Score
0.0004EPSS
Privilege Escalation & SQL Injection in TYPO3 CMS
Failing to properly dissociate system related configuration from user generated configuration, the Form Framework (system extension "form") is vulnerable to SQL injection and Privilege Escalation. Basically instructions can be persisted to a form definition file that were not configured to be...
8.1AI Score
Privilege Escalation & SQL Injection in TYPO3 CMS
Failing to properly dissociate system related configuration from user generated configuration, the Form Framework (system extension "form") is vulnerable to SQL injection and Privilege Escalation. Basically instructions can be persisted to a form definition file that were not configured to be...
8.1AI Score
TYPO3 Remote Code Execution in third party library swiftmailer
TYPO3 uses the package swiftmailer/swiftmailer for mail actions. This package is known to be vulnerable to Remote Code...
7.5AI Score
TYPO3 Remote Code Execution in third party library swiftmailer
TYPO3 uses the package swiftmailer/swiftmailer for mail actions. This package is known to be vulnerable to Remote Code...
7.5AI Score
Arbitrary Code Execution in TYPO3 CMS
Due to a missing file extension in the fileDenyPattern, backend user are allowed to upload *.pht files which can be executed in certain web server setups. The new default fileDenyPattern is the following, which might have been overridden in the TYPO3 Install Tool....
7.1AI Score
Arbitrary Code Execution in TYPO3 CMS
Due to a missing file extension in the fileDenyPattern, backend user are allowed to upload *.pht files which can be executed in certain web server setups. The new default fileDenyPattern is the following, which might have been overridden in the TYPO3 Install Tool....
7.1AI Score
Insecure Deserialization in TYPO3 CMS
It has been discovered that the Form Framework (system extension "form") is vulnerable to Insecure Deserialization when being used with the additional PHP PECL package “yaml”, which is capable of unserializing YAML contents to PHP objects. A valid backend user account as well as having PHP setting....
7AI Score
Insecure Deserialization in TYPO3 CMS
It has been discovered that the Form Framework (system extension "form") is vulnerable to Insecure Deserialization when being used with the additional PHP PECL package “yaml”, which is capable of unserializing YAML contents to PHP objects. A valid backend user account as well as having PHP setting....
7AI Score
Cross-Site Scripting (XSS) vulnerability in typolinks
All link fields within the TYPO3 installation are vulnerable to Cross-Site Scripting as authorized editors can insert data commands by using the url scheme...
6.7AI Score
Cross-Site Scripting (XSS) vulnerability in typolinks
All link fields within the TYPO3 installation are vulnerable to Cross-Site Scripting as authorized editors can insert data commands by using the url scheme...
6.7AI Score
Cross-Site Scripting (XSS) in TYPO3 Backend
Failing to properly encode user input, the page module is vulnerable to Cross-Site Scripting. A valid backend user account with permissions to edit plugins is needed to exploit this...
7AI Score
Cross-Site Scripting (XSS) in TYPO3 Backend
Failing to properly encode user input, the page module is vulnerable to Cross-Site Scripting. A valid backend user account with permissions to edit plugins is needed to exploit this...
7AI Score
Cross-Site Scripting in third party library mso/idna-convert
Make sure to not expose the vendor directory to the publicly accessible document root. In composer managed installation, make sure to configure a dedicated web folder. In general it is recommended to not expose the complete typo3_src sources folder in the document...
7AI Score
Cross-Site Scripting in third party library mso/idna-convert
Make sure to not expose the vendor directory to the publicly accessible document root. In composer managed installation, make sure to configure a dedicated web folder. In general it is recommended to not expose the complete typo3_src sources folder in the document...
7AI Score
Information Disclosure in TYPO3 Backend
The TYPO3 backend module stores the username of an authenticated backend user in its cache files. By guessing the file path to the cache files it is possible to receive valid backend...
6.9AI Score
Information Disclosure in TYPO3 Backend
The TYPO3 backend module stores the username of an authenticated backend user in its cache files. By guessing the file path to the cache files it is possible to receive valid backend...
6.9AI Score
SQL Injection in TYPO3 Frontend Login
Failing to properly escape user input, the frontend login component is vulnerable to SQL Injection. A valid frontend user account is needed to exploit this...
7.7AI Score
SQL Injection in TYPO3 Frontend Login
Failing to properly escape user input, the frontend login component is vulnerable to SQL Injection. A valid frontend user account is needed to exploit this...
7.7AI Score
Missing Access Check in TYPO3 CMS
Extbase request handling fails to implement a proper access check for requested controller/ action combinations, which makes it possible for an attacker to execute arbitrary Extbase actions by crafting a special request. To successfully exploit this vulnerability, an attacker must have access to...
7.9AI Score
Missing Access Check in TYPO3 CMS
Extbase request handling fails to implement a proper access check for requested controller/ action combinations, which makes it possible for an attacker to execute arbitrary Extbase actions by crafting a special request. To successfully exploit this vulnerability, an attacker must have access to...
7.9AI Score
Insecure Unserialize in TYPO3 Import/Export
Failing to properly validate incoming import data, the Import/Export component is susceptible to insecure unserialize. To exploit this vulnerability a valid backend user account is...
7AI Score
Insecure Unserialize in TYPO3 Import/Export
Failing to properly validate incoming import data, the Import/Export component is susceptible to insecure unserialize. To exploit this vulnerability a valid backend user account is...
7AI Score
Cross-Site Scripting in TYPO3 Backend
Failing to properly encode user input, some backend components are vulnerable to Cross-Site Scripting. A valid backend user account is needed to exploit this...
7AI Score
Cross-Site Scripting in TYPO3 Backend
Failing to properly encode user input, some backend components are vulnerable to Cross-Site Scripting. A valid backend user account is needed to exploit this...
7AI Score
Privilege Escalation in TYPO3 CMS
The workspace/ version preview link created by a privileged (backend) user could be abused to obtain certain editing permission, if the admin panel is configured to be shown. A valid preview link is required to exploit this...
6.8AI Score
Privilege Escalation in TYPO3 CMS
The workspace/ version preview link created by a privileged (backend) user could be abused to obtain certain editing permission, if the admin panel is configured to be shown. A valid preview link is required to exploit this...
6.8AI Score
Cross-Site Scripting in TYPO3 Backend
Failing to properly encode user input, some backend components are vulnerable to Cross-Site Scripting. A valid backend user account is needed to exploit this...
7AI Score
Cross-Site Scripting in TYPO3 Backend
Failing to properly encode user input, some backend components are vulnerable to Cross-Site Scripting. A valid backend user account is needed to exploit this...
7AI Score
Authentication Bypass in TYPO3 CMS
The default authentication service misses to invalidate empty strings as password. Therefore it is possible to authenticate backend and frontend users without password set in the database. Note: TYPO3 does not allow to create user accounts without a password. Your TYPO3 installation might only be.....
7.4AI Score