Lucene search
K

9 matches found

Snyk
Snyk
added 2025/01/14 3:42 p.m.2 views

Cross-site Request Forgery (CSRF)

Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the backend user interface functionality involving deep links. An attacker can manipulate the state-changing actions and trigger unauthorized commands by deceiving a victim into interacting with a...

8.5CVSS7.1AI score0.00251EPSS
Exploits0References2
Snyk
Snyk
added 2025/01/14 3:40 p.m.4 views

Exposed Dangerous Method or Function

Overview typo3/cms-form is a Form Library, Plugin and Editor Affected versions of this package are vulnerable to Exposed Dangerous Method or Function via the backend user interface functionality involving deep links. An attacker can manipulate or delete persisted form definitions by deceiving a...

5.4CVSS6.9AI score0.00183EPSS
Exploits0References2
Snyk
Snyk
added 2025/01/14 3:40 p.m.5 views

Cross-site Request Forgery (CSRF)

Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the backend user interface functionality involving deep links. An attacker can manipulate the session and perform unauthorized actions. Note: This is only exploitable if the...

8.8CVSS7AI score0.00352EPSS
Exploits0References2
Snyk
Snyk
added 2025/01/14 3:25 p.m.4 views

Exposed Dangerous Method or Function

Overview Affected versions of this package are vulnerable to Exposed Dangerous Method or Function via the backend user interface functionality involving deep links. An attacker can manipulate the victim's dashboard configuration by deceiving the victim into interacting with a malicious URL while...

5.1CVSS6.9AI score0.00188EPSS
Exploits0References2
Snyk
Snyk
added 2025/01/14 3:25 p.m.3 views

Exposed Dangerous Method or Function

Overview Affected versions of this package are vulnerable to Exposed Dangerous Method or Function via the Backend User Module. An attacker can manipulate user actions by tricking a victim into visiting a malicious URL while logged into the backend. Note: This is only exploitable if...

5.4CVSS6.9AI score0.00235EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.7 views

PT-2025-3149 · Typo3 · Typo3

Name of the Vulnerable Software and Affected Versions: TYPO3 versions prior to 11.5.42 ELTS TYPO3 versions prior to 12.4.25 LTS TYPO3 versions prior to 13.4.3 LTS Description: A vulnerability has been identified in the backend user interface functionality involving deep links, which is susceptibl...

7.5CVSS7.5AI score0.00352EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.4 views

PT-2025-3150 · Typo3 · Typo3

Name of the Vulnerable Software and Affected Versions: TYPO3 versions prior to 11.5.42 ELTS TYPO3 versions prior to 12.4.25 LTS TYPO3 versions prior to 13.4.3 LTS Description: A vulnerability has been identified in the backend user interface functionality involving deep links, which is susceptibl...

5.4CVSS6.8AI score0.00183EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.8 views

PT-2025-3160 · Typo3 · Typo3

Name of the Vulnerable Software and Affected Versions: TYPO3 versions prior to 11.5.42 ELTS Description: A vulnerability has been identified in the backend user interface functionality involving deep links, which is susceptible to Cross-Site Request Forgery CSRF. State-changing actions in...

4.3CVSS6.8AI score0.00218EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.4 views

PT-2025-3144 · Typo3 · Typo3

Name of the Vulnerable Software and Affected Versions: TYPO3 versions prior to 11.5.42 ELTS TYPO3 versions prior to 12.4.25 LTS TYPO3 versions prior to 13.4.3 LTS Description: A vulnerability has been identified in the backend user interface functionality involving deep links, which is susceptibl...

4.3CVSS6.8AI score0.00235EPSS
Exploits0References12
Rows per page
Query Builder