
117 matches found

OSV
added 2022/05/24 4:58 p.m. | 12 views

GHSA-598P-RV6P-G7QC sr_freecap for Typo3 RCE Vulnerability

The srfreecap aka freeCap CAPTCHA extension 2.4.5 and below and 2.5.2 and below for TYPO3 fails to sanitize user input, which allows execution of arbitrary Extbase actions, resulting in Remote Code Execution...

CVSS 9.8 | AI score 9.8 | EPSS 0.02481
Exploits 0 | References 4
Github Security Blog
added 2022/05/17 5:23 a.m. | 26 views

Typo3 Extbase Framework Unsafe Deserialization

The Extbase Framework in TYPO3 4.6.x through 4.6.6, 4.7, and 6.0 unserializes untrusted data, which allows remote attackers to unserialize arbitrary objects and possibly execute arbitrary code via vectors related to "a missing signature HMAC for a request argument."...

CVSS 5 | AI score 7.9 | EPSS 0.0094
Exploits 0 | References 5 | Affected Software 1
OSV
added 2022/05/17 5:23 a.m. | 14 views

GHSA-7JFM-PX59-99W8 Typo3 Extbase Framework Unsafe Deserialization

The Extbase Framework in TYPO3 4.6.x through 4.6.6, 4.7, and 6.0 unserializes untrusted data, which allows remote attackers to unserialize arbitrary objects and possibly execute arbitrary code via vectors related to "a missing signature HMAC for a request argument."...

CVSS 5 | AI score 7.5 | EPSS 0.0094
Exploits 0 | References 4
OSV
added 2022/05/17 5:08 a.m. | 30 views

GHSA-M64J-J252-JXMR TYPO3 SQL injection vulnerability in the Extbase Framework

SQL injection vulnerability in the Extbase Framework in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "the Query Object Model and relation values."...

CVSS 7.4 | AI score 8 | EPSS 0.03325
Exploits 0 | References 10
Github Security Blog
added 2022/05/17 5:08 a.m. | 29 views

TYPO3 SQL injection vulnerability in the Extbase Framework

SQL injection vulnerability in the Extbase Framework in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "the Query Object Model and relation values."...

CVSS 7.5 | AI score 8.9 | EPSS 0.03325
Exploits 0 | References 10 | Affected Software 1
Github Security Blog
added 2022/05/17 4:42 a.m. | 35 views

Typo3 Information Disclosure

Failing to respect user groups of logged in users when caching queries, Extbase is susceptible to information disclosure. The query caching introduced in Extbase 6.2 cached queries in such a way that results for a specific user group were presented to a different group...

CVSS 4 | AI score 6.4 | EPSS 0.00151
Exploits 0 | References 7 | Affected Software 1
OSV
added 2022/05/17 4:42 a.m. | 21 views

GHSA-VCCP-5V5H-P8M6 Typo3 Information Disclosure

Failing to respect user groups of logged in users when caching queries, Extbase is susceptible to information disclosure. The query caching introduced in Extbase 6.2 cached queries in such a way that results for a specific user group were presented to a different group...

CVSS 4 | AI score 5.6 | EPSS 0.00151
Exploits 0 | References 7
OSV
added 2022/05/17 3:02 a.m. | 20 views

GHSA-JXG5-35FJ-CCWF Extbase for TYPO3 allows RCE

Extbase in TYPO3 4.3.0 before 6.2.24, 7.x before 7.6.8, and 8.1.1 allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted Extbase action...

CVSS 8.1 | AI score 8.2 | EPSS 0.02369
Exploits 0 | References 4
Github Security Blog
added 2022/05/17 3:02 a.m. | 31 views

Extbase for TYPO3 allows RCE

Extbase in TYPO3 4.3.0 before 6.2.24, 7.x before 7.6.8, and 8.1.1 allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted Extbase action...

CVSS 8.1 | AI score 7.7 | EPSS 0.02369
Exploits 0 | References 5 | Affected Software 1
Github Security Blog
added 2022/05/17 1:29 a.m. | 22 views

TYPO3 Cross-site scripting (XSS) vulnerability in the Extbase Framework

Cross-site scripting (XSS) vulnerability in the errorAction method in the ActionController base class in the Extbase Framework in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6, when the Rewritten Property Mapper is enabled, allows remote attackers t...

CVSS 2.6 | AI score 5.9 | EPSS 0.00486
Exploits 0 | References 8 | Affected Software 1
OSV
added 2022/05/17 1:29 a.m. | 19 views

GHSA-QJ69-CHJP-G4F5 TYPO3 Cross-site scripting (XSS) vulnerability in the Extbase Framework

Cross-site scripting (XSS) vulnerability in the errorAction method in the ActionController base class in the Extbase Framework in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6, when the Rewritten Property Mapper is enabled, allows remote attackers t...

CVSS 2.6 | AI score 7.8 | EPSS 0.00486
Exploits 0 | References 8
OSV
added 2022/04/21 1:57 a.m. | 19 views

GHSA-P78X-93MQ-QWQH TYPO3 vulnerable to Cross-Site Scripting in the textarea view helper

TYPO3 before 4.3.4 and 4.4.x before 4.4.1 allows XSS in the textarea view helper in an extbase extension...

CVSS 6.1 | AI score 6.1 | EPSS 0.00378
Exploits 0 | References 8
Github Security Blog
added 2022/04/21 1:57 a.m. | 19 views

TYPO3 vulnerable to Cross-Site Scripting in the textarea view helper

TYPO3 before 4.3.4 and 4.4.x before 4.4.1 allows XSS in the textarea view helper in an extbase extension...

CVSS 6.1 | AI score 6.1 | EPSS 0.00378
Exploits 0 | References 8 | Affected Software 1
OSV
added 2021/08/13 5:15 p.m. | 3 views

CVE-2021-36793

The routes aka Extbase Yaml Routes extension before 2.1.1 for TYPO3, when CsrfTokenViewHelper is used, allows Sensitive Information Disclosure because a session identifier is unsafely present in HTML output...

CVSS 7.5 | AI score 5.8 | EPSS 0.00253
Exploits 0 | References 2
Cvelist
added 2021/08/13 4:20 p.m. | 11 views

CVE-2021-36793

The routes aka Extbase Yaml Routes extension before 2.1.1 for TYPO3, when CsrfTokenViewHelper is used, allows Sensitive Information Disclosure because a session identifier is unsafely present in HTML output...

AI score 7.5 | EPSS 0.00253
Exploits 0 | References 2
Typo3
added 2021/08/10 12:00 a.m. | 29 views

Sensitive Information Disclosure in “Extbase Yaml Routes” (routes)

When using the CsrfTokenViewHelper, the extension discloses the user's session identifier in HTML output without applying any additional cryptographic hashing. This vulnerability cannot be exploited directly and occurs in combination with a chained attack, for instance Cross Site...

CVSS 5 | AI score 0.1 | EPSS 0.00253
Exploits 0 | Affected Software 1
NVD
added 2021/03/23 2:15 a.m. | 13 views

CVE-2021-21355

TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 8.7.40, 9.5.25, 10.4.14, 11.1.1, due to the lack of ensuring file extensions belong to configured allowed mime-types, attackers can upload arbitrary data with arbitrary file extensions - however, default...

CVSS 8.6 | EPSS 0.00416
Exploits 0 | References 3
Prion
added 2021/03/23 2:15 a.m. | 22 views

Design/Logic Flaw

TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 8.7.40, 9.5.25, 10.4.14, 11.1.1, due to the lack of ensuring file extensions belong to configured allowed mime-types, attackers can upload arbitrary data with arbitrary file extensions - however, default...

CVSS 7.5 | AI score 8.8 | EPSS 0.00416
Exploits 0 | References 3 | Affected Software 1
Github Security Blog
added 2021/03/23 1:53 a.m. | 198 views

Unrestricted File Upload in Form Framework

Problem: Due to the lack of ensuring file extensions belong to configured allowed mime-types, attackers can upload arbitrary data with arbitrary file extensions - however, default fileDenyPattern successfully blocked files like .htaccess or malicious.php. TYPO3 Extbase extensions, which implement ...

CVSS 8.6 | AI score 1 | EPSS 0.00416
Exploits 0 | References 7 | Affected Software 3
Cvelist
added 2021/03/23 1:50 a.m. | 15 views

CVE-2021-21355 Unrestricted File Upload in Form Framework

TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 8.7.40, 9.5.25, 10.4.14, 11.1.1, due to the lack of ensuring file extensions belong to configured allowed mime-types, attackers can upload arbitrary data with arbitrary file extensions - however, default...

CVSS 8.6 | AI score 8.9 | EPSS 0.00416
Exploits 0 | References 3