typo3/cms-core vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
GHSA-GQQF-G5R7-84VFMediumtypo3/cms-core: TYPO3 HTML Sanitizer Bypasses Cross-Site Scripting ProtectionCVE-2022-31050Mediumtypo3/cms-core: Insufficient Session Expiration in TYPO3's Admin ToolCVE-2022-31049Mediumtypo3/cms-core: Cross-Site Scripting in TYPO3's Frontend Login MailerCVE-2022-31048Mediumtypo3/cms-core: Cross-Site Scripting in TYPO3's Form FrameworkCVE-2022-31047Mediumtypo3/cms-core: Insertion of Sensitive Information into Log File in typo3/cms-coreCVE-2022-31046Mediumtypo3/cms-core: Information Disclosure via Export ModuleCVE-2019-12747Hightypo3/cms-core: TYPO3 Vulnerable to Insecure DeserializationCVE-2019-12748Mediumtypo3/cms-core: Typo3 Cross-Site Scripting in Link HandlingCVE-2019-11832Hightypo3/cms-core: TYPO3 Image Processing susceptible to Code ExecutionCVE-2019-19850Mediumtypo3/cms: TYPO3 SQL Injection in low-level Query GeneratorCVE-2019-19849Hightypo3/cms-core: TYPO3 Insecure Deserialization in Query Generator & Query ViewCVE-2019-19848Mediumtypo3/cms-core: TYPO3 Directory Traversal on ZIP extractionCVE-2013-1842Hightypo3/cms-core: TYPO3 SQL injection vulnerability in the Extbase FrameworkCVE-2013-1843Mediumtypo3/cms-core: TYPO3 Open redirect vulnerability in the Access tracking mechanism CVE-2013-7081Mediumtypo3/cms-core: TYPO3 Improper Access Control vulnerabilityCVE-2013-7080Mediumtypo3/cms-core: TYPO3 is vulnerable to Mass Assignment in the Extension table administration libraryCVE-2013-4320Mediumtypo3/cms-core: TYPO3 Improper Access Management in the File Abstraction LayerCVE-2010-5104Mediumtypo3/cms-core: TYPO3 Sensitive Information Disclosure via escapeStrForLike methodCVE-2013-7078Lowtypo3/cms-core: TYPO3 Cross-site scripting (XSS) vulnerability in the Extbase FrameworkCVE-2013-7077Mediumtypo3/cms-core: TYPO3 Cross-site scripting (XSS) vulnerability in the Backend User Administration Module CVE-2009-3633Mediumtypo3/cms-core: TYPO3 API function vulnerable to Cross-site ScriptingCVE-2008-2717Mediumtypo3/cms-core: TYPO3 Unrestricted File Upload vulnerabilityCVE-2010-3673Mediumtypo3/cms-core: TYPO3 is vulnerable to Information Disclosure in the HTML mailing APICVE-2021-41113Hightypo3/cms-core: Cross-Site-Request-Forgery in BackendCVE-2021-41114Mediumtypo3/cms-core: HTTP Host Header Injection

Stop the waste.
Protect your environment with Kodem.