6 matches found
EUVD-2025-27229
Malicious code in bioql PyPI...
CVE-2025-59017 Broken Access Control in Backend AJAX Routes
Missing authorization checks in the Backend Routing of TYPO3 CMS versions 9.0.0‑9.5.54, 10.0.0‑10.4.53, 11.0.0‑11.5.47, 12.0.0‑12.4.36, and 13.0.0‑13.4.17 allow backend users to directly invoke AJAX backend routes without having access to the corresponding backend modules...
PT-2025-36693
Name of the Vulnerable Software and Affected Versions: TYPO3 CMS versions 9.0.0 through 9.5.54 TYPO3 CMS versions 10.0.0 through 10.4.53 TYPO3 CMS versions 11.0.0 through 11.5.47 TYPO3 CMS versions 12.0.0 through 12.4.36 TYPO3 CMS versions 13.0.0 through 13.4.17 Description: The Backend Routing...
PT-2024-25813 · Typo3 · Typo3
Name of the Vulnerable Software and Affected Versions: TYPO3 versions 9.0.0 through 9.5.47 ELTS TYPO3 versions 10.0.0 through 10.4.44 ELTS TYPO3 versions 11.0.0 through 11.5.36 LTS TYPO3 versions 12.0.0 through 12.4.14 LTS TYPO3 versions 13.0.0 through 13.0.0 Description: The form manager backend...
CVE-2023-33651
An issue in the MVC Device Simulator of Sitecore Experience Platform XP, Experience Manager XM, and Experience Commerce XC v9.0 Initial Release to v13.0 Initial Release allows attackers to bypass authorization rules...
Sitecore Experience Platform 安全漏洞
Sitecore Experience Platform XP is a suite of customer digital experience platforms from Sitecore, Denmark. A security vulnerability exists in Sitecore Experience Platform XP, which stems from a security issue in MVC Device Simulator that allows attackers to bypass authorization rules. Affected...