SS-2023-001 - XSS vulnerability in underlying TinyMCE library
More info at https://www.silverstripe.org/download/security-releases/SS-2023-001...
CVE-2023-22729 - Open redirect vulnerability on CMSSecurity relogin screen
More info at https://www.silverstripe.org/download/security-releases/cve-2023-22729...
CVE-2023-22728 - Missing permission check in GridFieldPrintButton
More info at https://www.silverstripe.org/download/security-releases/cve-2023-22728...
Directory traversal vulnerability in the file manager
More info at https://contao.org/en/security-advisories/directory-traversal-in-the-file-manager.html...
Improper header validation
Impact Improper header parsing. An attacker could sneak in a newline \n into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many servers in the wild will also accept \n\n. Patches The issue is patched in 1.9.1 and 2.4.5...
Improper Input Validation in headers
Description Impact Improper header parsing. An attacker could sneak in a newline \n into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many servers in the wild will also accept \n\n. Patches The issue is patched in 1.6.1...
Improper Input Validation in headers
Impact Improper header parsing. An attacker could sneak in a newline \n into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many servers in the wild will also accept \n\n. Patches The issue is patched in 1.6.1. Workarounds Ther...
Cross site scripting vulnerability in Javascript escaping
Impact An attacker could exploit this vulnerability to execute arbitrary JavaScript code in the context of the user's browser session. This may lead to unauthorized access to sensitive user data, manipulation of the web application's behavior, or unauthorized actions performed on behalf of the...
TYPO3-EXT-SA-2023-003: Cross-Site Scripting in extension "Fluid Components" (fluid_components)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2023-003...
PHAR deserialization allowing remote code execution
Description snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the file_exists() function. If an attacker can upload files of any type to the server he can pass in the phar:// protocol to unserialize the uploaded file and...
PHAR deserialization allowing remote code execution
Description snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the file_exists() function. If an attacker can upload files of any type to the server he can pass in the phar:// protocol to unserialize the uploaded file and instantiate arbitra...
CVE-2023-28104 DDOS attack on graphql endpoints
More info at https://www.silverstripe.org/download/security-releases/CVE-2023-28104...
Infinite Loop vulnerability
Math/PrimeField.php in phpseclib has an infinite loop with composite primefields. This vulnerability was introduced in version 3.0.0, and has been patched in 3.0.19. The CVE for this issue originally identified the vulnerable version as 2.x, however, the vulnerable functionality was not...
CVE-2023-25575: Secured properties may be accessible within collections
Impact Resource properties secured with the security option of the ApiPlatform\Metadata\ApiProperty attribute can be disclosed to unauthorized users. The problem affects most serialization formats, including raw JSON, which is enabled by default when installing API Platform. Custom serialization...
ReactPHP's HTTP server continues parsing unused multipart parts after reaching limits
Summary Previous versions of ReactPHP's HTTP server component contain a potential DoS vulnerability that can cause high CPU load when processing large HTTP request bodies. This vulnerability has little to no impact on the default configuration, but can be exploited when explicitly using the...
TYPO3-EXT-SA-2023-002: Persisted Cross-Site Scripting in extension "Forms Export" (frp_form_answers)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2023-002...
TYPO3-CORE-SA-2023-001: Persisted Cross-Site Scripting in Frontend Rendering
More info at https://typo3.org/security/advisory/typo3-core-sa-2023-001...
CVE-2022-24895: Possible CSRF token fixation
More info at https://symfony.com/cve-2022-24895...
CVE-2022-24894: Prevent storing cookie headers in HttpCache
More info at https://symfony.com/cve-2022-24894...
Dompdf vulnerable to URI validation failure on SVG parsing
Summary The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing tags with uppercase letters. This might lead to arbitrary object unserialize on PHP tags, in src/Image/Cache.php : if ($type === "svg") $parser = xml_parser_create("utf-8"); xml_parser_set_option($parser,...
TYPO3-EXT-SA-2023-001: Broken Access Control in extension "femanager" (femanager)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2023-001...
CVE-2022-46170: Potential Session Handlers Vulnerability
Impact When an application uses (1) multiple session cookies (e.g., one for user pages and one for admin pages) and (2) a session handler is set to DatabaseHandler, MemcachedHandler, or RedisHandler, then if an attacker gets one session cookie (e.g., one for user pages), they may be able to access pages...
CVE-2022-23556: Attackers may spoof IP address when using proxy
Impact This vulnerability may allow attackers to spoof their IP address when your server is behind a reverse proxy. Patches Upgrade to v4.2.11 or later, and configure Config\App::$proxyIPs. Workarounds Do not use $request->getIPAddress(). References -...
CVE-2022-42949 - Subsite weakens file permissions
More info at https://www.silverstripe.org/download/security-releases/cve-2022-42949...
TYPO3-EXT-SA-2022-016: Insufficient Session Expiration after Password Change in extension "Change password for frontend users" (fe_change_pwd)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2022-016...
TYPO3-EXT-SA-2022-017: Multiple vulnerabilities in extension "Newsletter subscriber management" (fp_newsletter)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2022-017...
TYPO3-EXT-SA-2022-018: Multiple vulnerabilities in extension "Master-Quiz" (fp_masterquiz)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2022-018...
TYPO3-CORE-SA-2022-017: By-passing Cross-Site Scripting Protection in HTML Sanitizer
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-017...
TYPO3-CORE-SA-2022-016: Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-016...
TYPO3-CORE-SA-2022-015: Arbitrary Code Execution via Form Framework
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-015...
TYPO3-CORE-SA-2022-014: Insufficient Session Expiration after Password Reset
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-014...
TYPO3-CORE-SA-2022-013: Weak Authentication in Frontend Login
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-013...
TYPO3-CORE-SA-2022-012: Denial of Service in Page Error Handling
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-012...
TYPO3-EXT-SA-2022-015: Broken Access Control in extension "femanager" (femanager)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2022-015...
CVE-2022-39284: Config\Cookie Secure or HttpOnly flag not set in CodeIgniter4
Impact Setting $secure or $httponly value to true in Config\Cookie is not reflected in setcookie or Response::setCookie. Note This vulnerability does not affect session cookies. The following code does not issue a cookie with the secure flag even if you set $secure = true in Config\Cookie. php...
Possibility to load a template outside a configured directory when using the filesystem loader
More info at https://symfony.com/blog/twig-security-release-possibility-to-load-a-template-outside-a-configured-directory-when-using-the-filesystem-loader...
Remote file inclusion
registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule...