Kitodo.presentation@* Security Vulnerabilities and Issues — Kitodo.presentation@* CVE List

Lucene search

KitodoKitodo.presentation*

2 matches found

CVE•added 2022/02/19 4:15 a.m.•84 views

CVE-2022-24980

An issue was discovered in the Kitodo.Presentation (aka dif) extension before 2.3.2, 3.x before 3.2.3, and 3.3.x before 3.3.4 for TYPO3. A missing access check in an eID script allows an unauthenticated user to submit arbitrary URLs to this component. This results in SSRF, allowing attackers to vie...

7.5CVSS7.5AI score0.00857EPSS

CVE•added 2020/07/29 3:15 p.m.•58 views

CVE-2020-16095

The dlf (aka Kitodo.Presentation) extension before 3.1.2 for TYPO3 allows XSS.

6.1CVSS6.2AI score0.00325EPSS