typo3/cms is vulnerable to Sensitive Information Disclosure. The vulnerability is due to mechanisms used for configuration of RequireJS package loading, which can potentially allow an attacker to retrieve additional information about the installed system and third-party extensions.