Lucene search
K

11 matches found

OSV
OSV
added 2024/10/08 2:37 p.m.10 views

GHSA-RF5M-H8Q9-9W6Q Information Disclosure in TYPO3 Page Tree

Problem Backend users could see items in the backend page tree without having access if the mounts pointed to pages restricted for their user/group, or if no mounts were configured but the pages allowed access to "everybody." However, affected users could not manipulate these pages. Solution Upda...

3.1CVSS3.8AI score0.00294EPSS
Exploits0References7
OSV
OSV
added 2024/02/13 5:29 p.m.27 views

GHSA-RJ3X-WVC6-5J66 TYPO3 vulnerable to Improper Access Control Persisting File Abstraction Layer Entities via Data Handler

Problem Entities of the File Abstraction Layer FAL could be persisted directly via DataHandler. This allowed attackers to reference files in the fallback storage directly and retrieve their file names and contents. The fallback storage "zero-storage" is used as a backward compatibility layer for...

7.1CVSS6.7AI score0.00496EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2024/02/13 5:29 p.m.35 views

TYPO3 vulnerable to Improper Access Control Persisting File Abstraction Layer Entities via Data Handler

Problem Entities of the File Abstraction Layer FAL could be persisted directly via DataHandler. This allowed attackers to reference files in the fallback storage directly and retrieve their file names and contents. The fallback storage "zero-storage" is used as a backward compatibility layer for...

7.1CVSS7AI score0.00496EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2024/02/13 4:58 p.m.14 views

GHSA-38R2-5695-334W TYPO3 Backend Forms vulnerable to Information Disclosure of Hashed Passwords

Problem Password hashes were being reflected in the editing forms of the TYPO3 backend user interface. This allowed attackers to crack the plaintext password using brute force techniques. Exploiting this vulnerability requires a valid backend user account. Solution Update to TYPO3 versions 8.7.57...

4.3CVSS5.4AI score0.0056EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2022/09/16 6:50 p.m.32 views

TYPO3 HTML Sanitizer Bypasses Cross-Site Scripting Protection

Meta CVSS: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C 5.7 Problem Due to a parsing issue in upstream package masterminds/html5, malicious markup used in a sequence with special HTML comments cannot be filtered and sanitized. This allows to by-pass the cross-site scripting mechanis...

6.1CVSS5.7AI score0.00633EPSS
Exploits0References10Affected Software3
Github Security Blog
Github Security Blog
added 2022/09/16 5:15 p.m.26 views

TYPO3 CMS Stored Cross-Site Scripting via FileDumpController

Meta CVSS: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C 5.0 Problem It has been discovered that the FileDumpController backend and frontend context is vulnerable to cross-site scripting when malicious files are displayed using this component. A valid backend user account is needed t...

6.5CVSS5.3AI score0.00722EPSS
Exploits0References8Affected Software2
Friends Of PHP
Friends Of PHP
added 2022/09/13 7:28 a.m.29 views

GHSA-47m6-46mj-p235: By-passing Cross-Site Scripting Protection in HTML Sanitizer

Meta CVSS: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C 5.7 Problem Due to a parsing issue in upstream package masterminds/html5, malicious markup used in a sequence with special HTML comments cannot be filtered and sanitized. This allows to by-pass the cross-site scripting mechanis...

6.1CVSS5.8AI score0.00633EPSS
Exploits0Affected Software1
OSV
OSV
added 2021/03/23 1:53 a.m.19 views

GHSA-QX3W-4864-94CH Cleartext storage of session identifier

Problem User session identifiers were stored in cleartext - without processing of additional cryptographic hashing algorithms. This vulnerability cannot be exploited directly and occurs in combination with a chained attack - like for instance SQL injection in any other component of the system...

5.9CVSS7.7AI score0.00918EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2020/11/23 9:18 p.m.41 views

Cleartext storage of session identifier

User session identifiers were stored in cleartext - without processing of additional cryptographic hashing algorithms. This vulnerability cannot be exploited directly and occurs in combination with a chained attack - like for instance SQL injection in any other component of the system. Solution...

8.1CVSS1.6AI score0.00666EPSS
Exploits0References6Affected Software2
Github Security Blog
Github Security Blog
added 2020/07/29 4:15 p.m.52 views

Potential Remote Code Execution in TYPO3 with mediace extension

Meta CVSS: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C 9.1 CWE-325, CWE-20, CWE-200, CWE-502 Problem It has been discovered that an internal verification mechanism can be used to generate arbitrary checksums. This allows to inject arbitrary data having a valid cryptographic message...

9.8CVSS1.7AI score0.02721EPSS
Exploits1References7Affected Software1
Typo3
Typo3
added 2011/09/07 12:0 a.m.15 views

A vulnerability in extension Drag Drop Mass Upload (ameos_dragndropupload)

A vulnerability has been found in the following third-party TYPO3 extension: ameosdragndropupload Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 2.0.2 and below Vulnerability Types: Arbitrary Code Execution Severit...

7AI score
Exploits0Affected Software1
Rows per page
Query Builder