8 matches found
BIT-TYPO3-2021-41114
TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that TYPO3 CMS is susceptible to host spoofing due to improper validation of the HTTP Host header. TYPO3 uses the HTTP Host header, for example, to generate absolute URLs during the...
CVE-2014-3941
creationtimestamp| type| source ---|---|--- 2021-10-05 22:30:51+00:00| seen| https://t.me/cibsecurity/30003...
HTTP Host Header Injection
Meta CVSS: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:F/RL:O/RC:C 3.5 Problem It has been discovered that TYPO3 CMS is susceptible to host spoofing due to improper validation of the HTTP Host header. TYPO3 uses the HTTP Host header, for example, to generate absolute URLs during the frontend...
Input validation
TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that TYPO3 CMS is susceptible to host spoofing due to improper validation of the HTTP Host header. TYPO3 uses the HTTP Host header, for example, to generate absolute URLs during the...
openSUSE Security Update : typo3-cms-4_7 (openSUSE-2016-1002)
This update for typo3-cms-47 fixes the following issues : - CVE-2014-3941: Multiple vulnerabilities TYPO3-CORE-SA-2014-001 - CVE-2013-4701: Multiple vulnerabilities TYPO3-CORE-SA-2014-002 - CVE-2013-7073: Multiple vulnerabilities TYPO3-CORE-SA-2013-004 - other security fixes, e.g. preventing XSS...
openSUSE Security Update : typo3 (openSUSE-2016-959)
Important security fixes for vulnerabilities in typo3 which can be used for Cross-Site Scripting or Denial of Service attacks or for authentication bypassing. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...
openSUSE Security Update : typo3-cms-4_5 (openSUSE-SU-2014:0813-1)
typo3-cms-45 was updated to version 4.5.34 to fix eight security vulnerabilities and several other bugs. These security problems where fixed : - Add trusted HTTPHOST configuration CVE-2014-3941 - XSS in old extension manager information function CVE-2014-3943 - XSS in new content element wizard...
Multiple Vulnerabilities in TYPO3 CMS
It has been discovered that TYPO3 CMS is vulnerable to Cross-Site Scripting, Insecure Unserialize, Improper Session Invalidation, Authentication Bypass, Information Disclosure and Host Spoofing. Component Type: TYPO3 CMS Vulnerability Types: Cross-Site Scripting, Insecure Unserialize, Improper...