4 matches found
FreeBSD : typo3 -- multiple vulnerabilities (d9e154c9-7de9-11ed-adca-080027d3a315)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the d9e154c9-7de9-11ed-adca-080027d3a315 advisory. - HTML sanitizer is written in PHP, aiming to provide XSS-safe markup based on explicitly...
CVE-2022-23503
CVE-2022-23503 affects TYPO3 core/form components. The issue is a Code Injection in the Form Designer backend module: lack of separating user-submitted data from internal configuration allows TypoScript to be processed as PHP code. Exploitation requires a valid backend user with Form Module acces...
TYPO3 Arbitrary Code Execution Vulnerability (TYPO3-CORE-SA-2022-015)
TYPO3 is prone to an arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:typo3:typo3"; if...
TYPO3 8.0.0 < 8.7.49 ELTS / 9.0.0 < 9.5.38 ELTS / 10.0.0 < 10.4.33 / 11.0.0 < 11.5.20 / 12.0.0 < 12.1.1 (TYPO3-CORE-SA-2022-015)
The version of TYPO3 installed on the remote host is prior to 8.0.0 8.7.49 ELTS / 9.0.0 9.5.38 ELTS / 10.0.0 10.4.33 / 11.0.0 11.5.20 / 12.0.0 12.1.1. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2022-015 advisory. - Due to the lack of separating user-submitted...