typo3/cms-backend vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-47352Mediumtypo3/cms-core: TYPO3 CMS has Broken Access Control in Backend APICVE-2026-47351Mediumtypo3/cms-core: TYPO3 CMS: Broken Access Control in Media ModuleCVE-2026-6553Hightypo3/cms-backend: TYPO3 CMS Stores Cleartext Password in User Settings ModuleCVE-2025-59020Mediumtypo3/cms-backend: TYPO3 CMS Allows Broken Access Control in Edit Document ControllerCVE-2025-59017Mediumtypo3/cms-workspaces: TYPO3 backend modules have Broken Access ControlCVE-2025-59019Mediumtypo3/cms-backend: TYPO3 CSV download feature information disclosureCVE-2025-59014Mediumtypo3/cms-backend: TYPO3 Bookmark Toolbar vulnerable to denial of serviceCVE-2025-47941Hightypo3/cms-backend: The TYPO3 CMS Backend has Broken Authentication in Backend MFACVE-2024-34537Lowtypo3/cms-backend: Denial of Service in TYPO3 Bookmark ToolbarCVE-2024-47780Lowtypo3/cms-backend: Information Disclosure in TYPO3 Page TreeCVE-2010-3715Mediumtypo3/cms-backend: TYPO3 cross-site scripting (XSS) vulnerability in the RemoveXSS function and the backendCVE-2008-5644Mediumtypo3/cms-backend: TYPO3 Cross-site Scripting vulnerability in the file backend moduleCVE-2010-3659Mediumtypo3/cms-backend: TYPO3 Cross-site Scripting vulnerability in the extension manager and backend formsCVE-2009-3628Mediumtypo3/cms-backend: TYPO3 Backend Discloses Encryption KeyCVE-2009-3630Mediumtypo3/cms-backend: TYPO3 Backend vulnerable to Frame HijackingCVE-2009-3631Hightypo3/cms-backend: TYPO3 Backend Command Injection via Shell Metacharacters in Uploaded File NameCVE-2009-3629Lowtypo3/cms-backend: TYPO3 Backend vulnerable to Cross-site ScriptingCVE-2010-3664Mediumtypo3/cms-backend: TYPO3 is vulnerable to Information Disclosure on the backendCVE-2010-3663Hightypo3/cms-backend: TYPO3 Arbitrary Code Execution vulnerability on the backendCVE-2010-3662Hightypo3/cms-backend: TYPO3 SQL injection vulnerability on the backendCVE-2010-3661Mediumtypo3/cms-backend: TYPO3 Open Redirection vulnerability on the backendCVE-2010-3660Mediumtypo3/cms-backend: TYPO3 is vulnerable to Cross-Site Scripting (XSS) on the backendCVE-2021-21370Mediumtypo3/cms-backend: Cross-Site Scripting in Content Preview (CType menu)CVE-2021-21340Mediumtypo3/cms-backend: Cross-Site Scripting in Content Preview

Stop the waste.
Protect your environment with Kodem.