Friends Of PHP: most viewed

1697 matches found

Friends Of PHP • added 2021/03/16 8:58 a.m. • 33 views

TYPO3-CORE-SA-2021-005: Denial of Service in Page Error Handling

More info at https://typo3.org/security/advisory/typo3-core-sa-2021-005...

CVSS 7.5 • AI score 7.8 • EPSS 0.01731
Exploits 0 • Affected Software 1

Friends Of PHP • added 2020/11/17 8:49 a.m. • 33 views

TYPO3-CORE-SA-2020-010: Cross-Site Scripting in Fluid view helpers

More info at https://typo3.org/security/advisory/typo3-core-sa-2020-010...

CVSS 6.1 • AI score 7.2 • EPSS 0.00715
Exploits 1 • Affected Software 1

Friends Of PHP • added 2020/07/16 7:31 a.m. • 33 views

Sensitive Information Disclosure in extension "Media Content Element" (mediace)

More info at https://typo3.org/security/advisory/typo3-ext-sa-2020-014...

CVSS 9.8 • AI score 7.2 • EPSS 0.02721
Exploits 1 • Affected Software 1

Friends Of PHP • added 2020/05/12 9:21 a.m. • 33 views

TYPO3-CORE-SA-2020-004: Class destructors causing side-effects when being unserialized

More info at https://typo3.org/security/advisory/typo3-core-sa-2020-004...

CVSS 10 • AI score 7.2 • EPSS 0.01472
Exploits 0 • Affected Software 1

Friends Of PHP • added 2019/06/25 6:39 a.m. • 33 views

Security Misconfiguration in Frontend Session Handling

More info at https://typo3.org/security/advisory/typo3-core-sa-2019-018...

AI score 7.2
Exploits 0 • Affected Software 1

Friends Of PHP • added 2019/06/25 12:00 a.m. • 33 views

PRODSECBUG-2371: Stored cross-site scripting in the admin panel

More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23...

CVSS 4.8 • AI score 7.2 • EPSS 0.00557
Exploits 0 • Affected Software 1

Friends Of PHP • added 2019/06/25 12:00 a.m. • 33 views

PRODSECBUG-2317: Stored cross-site scripting in admin panel

More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23...

CVSS 4.8 • AI score 7.2 • EPSS 0.00557
Exploits 0 • Affected Software 1

Friends Of PHP • added 2017/07/12 9:09 a.m. • 33 views

A logged in back end user can include arbitrary existing PHP files by manipulating an URL parameter

More info at https://contao.org/en/news/contao-441.html...

CVSS 8.8 • AI score 7.2 • EPSS 0.01962
Exploits 0 • Affected Software 1

Friends Of PHP • added 2016/07/15 8:22 a.m. • 33 views

Cross-site scripting (XSS) vulnerability in flashmediaelement.swf in MediaElement.js before 2.11.2 (see CVE-2013-1967)

More info at https://contao.org/en/news/contao-3515.html...

CVSS 4.3 • AI score 6.8 • EPSS 0.02214
Exploits 1 • Affected Software 1

Friends Of PHP • added 2013/08/17 9:14 a.m. • 33 views

Request::getHost() poisoning

More info at https://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released...

CVSS 6.1 • AI score 7.2 • EPSS 0.02313
Exploits 0 • Affected Software 1

Friends Of PHP • added 1970/01/01 12:00 a.m. • 33 views

Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.

"I'm afraid this change is wrong. file_exists is not the only..."

CVSS 7.5 • AI score 2.9 • EPSS 0.26172
Exploits 7 • Affected Software 1

Friends Of PHP • added 1970/01/01 12:00 a.m. • 33 views

CVE-2020-15146: Remote Code Execution in OptionsParser while using request parameters inside expression language

Impact: Request parameters injected inside an expression evaluated by the symfony/expression-language package haven't been sanitized properly. This allows the attacker to access any public service by manipulating that request parameter, allowing for Remote Code Execution. The vulnerable versions...

CVSS 9.6 • AI score 9.3 • EPSS 0.02149
Exploits 1 • Affected Software 1

Friends Of PHP • added 1970/01/01 12:00 a.m. • 33 views

Drupal core - Moderately critical - Multiple Vulnerabilities - SA-CORE-2019-005

More info at https://www.drupal.org/sa-core-2019-005...

CVSS 5.4 • AI score 7.2 • EPSS 0.01048
Exploits 0 • Affected Software 1

Friends Of PHP • added 1970/01/01 12:00 a.m. • 33 views

Cross site scripting via HTML attributes in the back end

More info at https://contao.org/en/security-advisories/cross-site-scripting-via-html-attributes-in-the-back-end.html...

CVSS 4.8 • AI score 7.2 • EPSS 0.00557
Exploits 0 • Affected Software 1

Friends Of PHP • added 2026/04/17 12:52 p.m. • 32 views

Argument injection via newline in PHP INI values forwarded to child processes

Impact: PHPUnit forwards PHP INI settings to child processes used for isolated/PHPT test execution as -d name=value command-line arguments without neutralizing INI metacharacters. Because PHP's INI parser interprets " as a string delimiter, ; as the start of a comment, and most importantly a newli...

CVSS 7.8 • AI score 6.6 • EPSS 0.00343
Exploits 0 • Affected Software 1

Friends Of PHP • added 2025/05/16 3:52 p.m. • 32 views

TYPO3-EXT-SA-2025-006: Insecure Direct Object Reference in extension "femanager" (femanager)

More info at https://typo3.org/security/advisory/typo3-ext-sa-2025-006...

CVSS 5.3 • AI score 7.2 • EPSS 0.00242
Exploits 0 • Affected Software 1

Friends Of PHP • added 2024/11/12 3:29 p.m. • 32 views

Laravel environment manipulation via query string

Description: When the register_argc_argv PHP directive is set to on, and users call any URL with a specially crafted query string, they are able to change the environment used by the framework when handling the request. Resolution: The framework now ignores argv values for environment detection on...

CVSS 8.7 • AI score 5.9 • EPSS 0.37981
Exploits 1 • Affected Software 1

Friends Of PHP • added 2024/06/08 8:35 a.m. • 32 views

TYPO3-EXT-SA-2024-003: Multiple vulnerabilities in "Events 2" (events2)

More info at https://typo3.org/security/advisory/typo3-ext-sa-2024-003...

CVSS 5.4 • AI score 6.8 • EPSS 0.0029
Exploits 0 • Affected Software 1

Friends Of PHP • added 2023/02/28 10:37 a.m. • 32 views

CVE-2023-25575: Secured properties may be accessible within collections

Impact: Resource properties secured with the security option of the ApiPlatform\Metadata\ApiProperty attribute can be disclosed to unauthorized users. The problem affects most serialization formats, including raw JSON, which is enabled by default when installing API Platform. Custom serialization...

CVSS 7.7 • AI score 6.7 • EPSS 0.00604
Exploits 0 • Affected Software 1

Friends Of PHP • added 2022/12/22 2:49 a.m. • 32 views

CVE-2022-23556: Attackers may spoof IP address when using proxy

Impact: This vulnerability may allow attackers to spoof their IP address when your server is behind a reverse proxy. Patches: Upgrade to v4.2.11 or later, and configure Config\App::$proxyIPs. Workarounds: Do not use $request->getIPAddress(). References: -...

CVSS 7.5 • AI score 7 • EPSS 0.00373
Exploits 1 • Affected Software 1

Friends Of PHP • added 2022/10/31 5:07 p.m. • 32 views

TYPO3-EXT-SA-2022-015: Broken Access Control in extension "femanager" (femanager)

More info at https://typo3.org/security/advisory/typo3-ext-sa-2022-015...

CVSS 5.3 • AI score 7.2 • EPSS 0.00603
Exploits 0 • Affected Software 1

Friends Of PHP • added 2022/06/14 7:11 a.m. • 32 views

TYPO3-CORE-SA-2022-002: Information Disclosure via Exception Handling/Logger

More info at https://typo3.org/security/advisory/typo3-core-sa-2022-002...

CVSS 6.5 • AI score 7.2 • EPSS 0.01039
Exploits 0 • Affected Software 1

Friends Of PHP • added 2021/11/21 12:00 a.m. • 32 views

CVE-2022-38462 - Reflected XSS in querystring parameters

More info at https://www.silverstripe.org/download/security-releases/cve-2022-38462...

CVSS 6.1 • AI score 7.2 • EPSS 0.00472
Exploits 0 • Affected Software 1

Friends Of PHP • added 2021/06/07 10:31 p.m. • 32 views

CVE-2021-28661 Default GraphQL permission checker not inherited by query subclass

More info at https://www.silverstripe.org/download/security-releases/CVE-2021-28661...

CVSS 4.3 • AI score 7.2 • EPSS 0.00786
Exploits 1 • Affected Software 1

Friends Of PHP • added 2021/03/16 8:57 a.m. • 32 views

TYPO3-CORE-SA-2021-003: Broken Access Control in Form Framework

More info at https://typo3.org/security/advisory/typo3-core-sa-2021-003...

CVSS 8.3 • AI score 8.5 • EPSS 0.01606
Exploits 0 • Affected Software 1

Friends Of PHP • added 2020/07/28 8:18 a.m. • 32 views

TYPO3-CORE-SA-2020-007: Potential Privilege Escalation

More info at https://typo3.org/security/advisory/typo3-core-sa-2020-007...

CVSS 8.1 • AI score 7.2 • EPSS 0.01782
Exploits 1 • Affected Software 1

Friends Of PHP • added 2020/05/12 9:21 a.m. • 32 views

TYPO3-CORE-SA-2020-003: Cross-Site Scripting in Link Handling

More info at https://typo3.org/security/advisory/typo3-core-sa-2020-003...

CVSS 5.4 • AI score 7.2 • EPSS 0.0054
Exploits 0 • Affected Software 1

Friends Of PHP • added 2020/01/18 10:13 p.m. • 32 views

SQL injection relating to searching

More info at https://www.phpmyadmin.net/security/PMASA-2020-3/...

CVSS 8 • AI score 7.2 • EPSS 0.02115
Exploits 0 • Affected Software 1

Friends Of PHP • added 2019/07/01 12:55 p.m. • 32 views

XXE Vulnerability

This is: - a bugfix - a new feature - X security Checklist: - X Changes are covered by unit tests - X Code style is respected - X Commit message explains why the change is made see https://github.com/erlang/otp/wiki/Writing-good-commit-messages - X CHANGELOG.md contains a short summary of the...

CVSS 8.8 • AI score 8.7 • EPSS 0.0135
Exploits 1 • Affected Software 1

Friends Of PHP • added 2019/06/25 12:00 a.m. • 32 views

PRODSECBUG-2353: Stored cross-site scripting in the admin panel

More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23...

CVSS 4.8 • AI score 7.2 • EPSS 0.00557
Exploits 0 • Affected Software 1

Friends Of PHP • added 2019/06/25 12:00 a.m. • 32 views

PRODSECBUG-2300: Information about disabled products can be leaked due to inadequate validation checks

More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23...

CVSS 5.3 • AI score 7.2 • EPSS 0.00928
Exploits 0 • Affected Software 1

Friends Of PHP • added 2019/06/25 12:00 a.m. • 32 views

PRODSECBUG-2299: Stored cross-site scripting in the admin panel

More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13...

CVSS 4.8 • AI score 7.2 • EPSS 0.00557
Exploits 0 • Affected Software 1

Friends Of PHP • added 2019/06/25 12:00 a.m. • 32 views

PRODSECBUG-2317: Stored cross-site scripting in admin panel

More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23...

CVSS 4.8 • AI score 7.2 • EPSS 0.00557
Exploits 0 • Affected Software 1

Friends Of PHP • added 2018/05/29 6:12 p.m. • 32 views

PHP Code Injection

phpWhois PHP Code Injection Vulnerability. Overview: phpWhois and some of its forks in versions before 5.1.0 are prone to a code injection vulnerability due to insufficient sanitization of returned WHOIS data. This allows attackers controlling the WHOIS information of a requested domain to execute...

CVSS 9.8 • AI score 9.7 • EPSS 0.06195
Exploits 1 • Affected Software 1

Friends Of PHP • added 2017/11/16 3:14 p.m. • 32 views

CVE-2017-16652: Open redirect vulnerability on security handlers

More info at https://symfony.com/cve-2017-16652...

CVSS 6.1 • AI score 7.2 • EPSS 0.00949
Exploits 0 • Affected Software 1

Friends Of PHP • added 2016/12/23 11:40 p.m. • 32 views

Remote Code Execution

SECURITY: Critical security update for CVE-2016-10033, please update now! Thanks to Dawid Golunski. - Add ability to extract the SMTP transaction ID from some common SMTP success messages - Minor documentation tweaks...

CVSS 9.8 • AI score 9.9 • EPSS 0.99714
Exploits 58 • Affected Software 1

Friends Of PHP • added 2014/07/25 10:18 p.m. • 32 views

Code injection in the way Symfony implements translation caching in FrameworkBundle

More info at https://symfony.com/blog/security-releases-cve-2014-4931-symfony-2-3-18-2-4-8-and-2-5-2-released...

AI score 7.2 • EPSS 0.0078
Exploits 0 • Affected Software 1

Friends Of PHP • added 1970/01/01 12:00 a.m. • 32 views

CVE-2020-5220: Ability to define unintended serialisation groups via HTTP header which might lead to data exposure

Impact: ResourceBundle accepts and uses any serialisation groups to be passed via an HTTP header. This might lead to data exposure by using an unintended serialisation group - for example it could make Shop API use a more permissive group from Admin API. Anyone exposing an API with ResourceBundle's...

CVSS 5.3 • AI score 4.9 • EPSS 0.00737
Exploits 0 • Affected Software 1

Friends Of PHP • added 1970/01/01 12:00 a.m. • 32 views

Cross-site scripting (XSS) vulnerability in the system log

More info at https://contao.org/en/security-advisories/cross-site-scripting-in-the-system-log-2021.html...

CVSS 6.1 • AI score 7.2 • EPSS 0.0074
Exploits 0 • Affected Software 1

Friends Of PHP • added 1970/01/01 12:00 a.m. • 32 views

Stored XSS vulnerability on Bounce Management Callback

Impact: Insufficient sanitization / filtering allows for arbitrary JavaScript injection in Mautic using the bounce management callback function. The values submitted in the "error" and "errorrelatedto" parameters of the POST request of the bounce management callback will be permanently stored and...

CVSS 8.2 • AI score 7.3 • EPSS 0.00699
Exploits 0 • Affected Software 1

Friends Of PHP • added 2024/01/23 3:15 a.m. • 31 views

CVE-2023-49783 No permission checks for editing or deleting records with CSV import form

More info at https://www.silverstripe.org/download/security-releases/CVE-2023-49783...

CVSS 4.3 • AI score 7.2 • EPSS 0.00341
Exploits 0 • Affected Software 1

Friends Of PHP • added 2023/11/22 12:00 a.m. • 31 views

Potential URI resolution path traversal in the AWS SDK for PHP

More info at https://nvd.nist.gov/vuln/detail/CVE-2023-51651...

CVSS 6 • AI score 7.2 • EPSS 0.00376
Exploits 0 • Affected Software 1

Friends Of PHP • added 2023/04/17 4:00 p.m. • 31 views

Improper header validation

Impact: Improper header parsing. An attacker could sneak in a newline \n into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many servers in the wild will also accept \n\n. Patches: The issue is patched in 1.9.1 and 2.4.5...

CVSS 7.5 • AI score 5.8 • EPSS 0.01216
Exploits 0 • Affected Software 1

Friends Of PHP • added 2022/12/13 9:19 a.m. • 31 views

TYPO3-CORE-SA-2022-017: By-passing Cross-Site Scripting Protection in HTML Sanitizer

More info at https://typo3.org/security/advisory/typo3-core-sa-2022-017...

CVSS 6.1 • AI score 7.2 • EPSS 0.00438
Exploits 0 • Affected Software 1

Friends Of PHP • added 2022/09/28 10:36 a.m. • 31 views

Possibility to load a template outside a configured directory when using the filesystem loader

More info at https://symfony.com/blog/twig-security-release-possibility-to-load-a-template-outside-a-configured-directory-when-using-the-filesystem-loader...

CVSS 7.5 • AI score 7.2 • EPSS 0.01488
Exploits 0 • Affected Software 1

Friends Of PHP • added 2022/06/14 7:11 a.m. • 31 views

TYPO3-CORE-SA-2022-003: Cross-Site Scripting in Form Framework

More info at https://typo3.org/security/advisory/typo3-core-sa-2022-003...

CVSS 5.4 • AI score 7.2 • EPSS 0.00713
Exploits 0 • Affected Software 1

Friends Of PHP • added 2022/05/17 12:59 p.m. • 31 views

PHP Code Injection by malicious block or filename

Impact: Template authors could inject PHP code by choosing a malicious block name or include file name. Sites that cannot fully trust template authors should update asap. Patches: Please upgrade to the most recent version of Smarty v3 or v4. Workarounds: Is there a way for users to fix or remediate t...

CVSS 8.8 • AI score 8.5 • EPSS 0.0454
Exploits 1 • Affected Software 1

Friends Of PHP • added 2022/02/20 1:28 p.m. • 31 views

URL Redirection to Untrusted Site ('Open Redirect')

Impact: Releases prior to 3.0.1 are vulnerable to an open redirect vulnerability that allows an attacker to construct a URL that redirects to an arbitrary external domain. Patches: 3.0.1 contains a fix for this vulnerability. The 1.x and 2.x releases are not maintained anymore. References...

CVSS 6.1 • AI score 6.1 • EPSS 0.03378
Exploits 1 • Affected Software 1

Friends Of PHP • added 2021/08/10 7:50 a.m. • 31 views

TYPO3-CORE-SA-2021-013: Cross-Site Scripting via Rich-Text Content

More info at https://typo3.org/security/advisory/typo3-core-sa-2021-013...

CVSS 6.1 • AI score 7.2 • EPSS 0.00727
Exploits 0 • Affected Software 1

Total number of security vulnerabilities: 1697