Lucene search
K

8 matches found

OSV
OSV
added 2024/03/06 11:10 a.m.28 views

BIT-TYPO3-2021-41114

TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that TYPO3 CMS is susceptible to host spoofing due to improper validation of the HTTP Host header. TYPO3 uses the HTTP Host header, for example, to generate absolute URLs during the...

5.3CVSS5AI score0.0116EPSS
Exploits0References3
Circl
Circl
added 2021/10/05 10:30 p.m.5 views

CVE-2014-3941

creationtimestamp| type| source ---|---|--- 2021-10-05 22:30:51+00:00| seen| https://t.me/cibsecurity/30003...

5CVSS5.4AI score0.02662EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2021/10/05 8:23 p.m.61 views

HTTP Host Header Injection

Meta CVSS: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:F/RL:O/RC:C 3.5 Problem It has been discovered that TYPO3 CMS is susceptible to host spoofing due to improper validation of the HTTP Host header. TYPO3 uses the HTTP Host header, for example, to generate absolute URLs during the frontend...

5.3CVSS1.2AI score0.0116EPSS
Exploits0References8Affected Software2
Prion
Prion
added 2021/10/05 6:15 p.m.31 views

Input validation

TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that TYPO3 CMS is susceptible to host spoofing due to improper validation of the HTTP Host header. TYPO3 uses the HTTP Host header, for example, to generate absolute URLs during the...

5CVSS5AI score0.02662EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/08/22 12:0 a.m.29 views

openSUSE Security Update : typo3-cms-4_7 (openSUSE-2016-1002)

This update for typo3-cms-47 fixes the following issues : - CVE-2014-3941: Multiple vulnerabilities TYPO3-CORE-SA-2014-001 - CVE-2013-4701: Multiple vulnerabilities TYPO3-CORE-SA-2014-002 - CVE-2013-7073: Multiple vulnerabilities TYPO3-CORE-SA-2013-004 - other security fixes, e.g. preventing XSS...

7.5CVSS6.1AI score0.02997EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2016/08/12 12:0 a.m.32 views

openSUSE Security Update : typo3 (openSUSE-2016-959)

Important security fixes for vulnerabilities in typo3 which can be used for Cross-Site Scripting or Denial of Service attacks or for authentication bypassing. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...

7.5CVSS6.1AI score0.02997EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2014/06/19 12:0 a.m.37 views

openSUSE Security Update : typo3-cms-4_5 (openSUSE-SU-2014:0813-1)

typo3-cms-45 was updated to version 4.5.34 to fix eight security vulnerabilities and several other bugs. These security problems where fixed : - Add trusted HTTPHOST configuration CVE-2014-3941 - XSS in old extension manager information function CVE-2014-3943 - XSS in new content element wizard...

6CVSS5.5AI score0.02662EPSS
Exploits0References7
Typo3
Typo3
added 2014/05/22 12:0 a.m.179 views

Multiple Vulnerabilities in TYPO3 CMS

It has been discovered that TYPO3 CMS is vulnerable to Cross-Site Scripting, Insecure Unserialize, Improper Session Invalidation, Authentication Bypass, Information Disclosure and Host Spoofing. Component Type: TYPO3 CMS Vulnerability Types: Cross-Site Scripting, Insecure Unserialize, Improper...

6CVSS6AI score0.04465EPSS
Exploits0Affected Software1
Rows per page
Query Builder