EUVD-2020-1468

Malware in sbrugna...

CVE-2020-26229

TYPO3 is an open source PHP based web content management system. In TYPO3 from version 10.4.0, and before version 10.4.10, RSS widgets are susceptible to XML external entity processing. This vulnerability is reasonable, but is theoretical - it was not possible to actually reproduce the...

Xxe

TYPO3 is an open source PHP based web content management system. In TYPO3 from version 10.4.0, and before version 10.4.10, RSS widgets are susceptible to XML external entity processing. This vulnerability is reasonable, but is theoretical - it was not possible to actually reproduce the...

XML External Entity in Dashboard Widget

Problem It has been discovered that RSS widgets are susceptible to XML external entity processing. This vulnerability is reasonable, but is theoretical - it was not possible to actually reproduce the vulnerability with current PHP versions of supported and maintained system distributions. At leas...

CVE-2020-26229

TYPO3 RSS widgets (Dashboard) are affected by an XML External Entity (XXE) issue in TYPO3 10.4.0–10.4.9, enabling XXE processing due to vulnerable XML handling. The issue is considered low risk/limited impact and notable for requiring a backend user account; no public exploitation details are pro...

PT-2020-16358 · Xmlsoft +1 · Libxml2 +1

Name of the Vulnerable Software and Affected Versions: TYPO3 versions 10.4.0 through 10.4.9 Description: The issue concerns XML external entity processing in RSS widgets, which is reasonable but theoretical, as it could not be reproduced with current PHP versions of supported and maintained syste...

XML External Entity in Dashboard Widget

It has been discovered that RSS widgets are susceptible to XML external entity processing. This vulnerability is reasonable, but is theoretical - it was not possible to actually reproduce the vulnerability with current PHP versions of supported and maintained system distributions...