typo3/cms-core vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2021-32768Mediumtypo3/cms-core: Cross-Site Scripting via Rich-Text ContentCVE-2021-32767Mediumtypo3/cms-core: Information Disclosure in User AuthenticationCVE-2021-32669Mediumtypo3/cms-core: Cross-Site Scripting in Backend Grid ViewCVE-2021-32668Mediumtypo3/cms-core: Cross-Site Scripting in Query Generator & Query ViewCVE-2021-32667Mediumtypo3/cms-core: Cross-Site Scripting in Page PreviewCVE-2021-21370Mediumtypo3/cms-backend: Cross-Site Scripting in Content Preview (CType menu)CVE-2021-21359Mediumtypo3/cms-core: Denial of Service in Page Error HandlingCVE-2021-21358Mediumtypo3/cms-form: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in…CVE-2021-21357Hightypo3/cms-form: Broken Access Control in Form FrameworkCVE-2021-21355Hightypo3/cms-form: Unrestricted File Upload in Form FrameworkCVE-2021-21340Mediumtypo3/cms-backend: Cross-Site Scripting in Content PreviewCVE-2021-21339Mediumtypo3/cms-core: Cleartext storage of session identifierCVE-2021-21338Mediumtypo3/cms-core: Open Redirection in Login HandlingCVE-2020-26227Mediumtypo3/cms-core: Cross-Site Scripting in Fluid view helpersCVE-2020-26229Lowtypo3/cms-core: XML External Entity in Dashboard WidgetCVE-2020-26228Hightypo3/cms-core: Cleartext storage of session identifierCVE-2020-15241Mediumtypo3fluid/fluid: Cross-Site Scripting in ternary conditional operatorCVE-2020-15099Hightypo3/cms-core: Exposure of Sensitive Information to an Unauthorized Actor in TYPO3 CMSCVE-2020-15098Hightypo3/cms-core: Missing Required Cryptographic Step Leading to Sensitive Information Disclosure in TYPO3 CMSCVE-2020-11069Hightypo3/cms-core: Backend Same-Site Request Forgery in TYPO3 CMSCVE-2020-11067Hightypo3/cms-core: Insecure Deserialization in Backend User Settings in TYPO3 CMSCVE-2020-11066Hightypo3/cms-core: Class destructors causing side-effects when being unserialized in TYPO3 CMSCVE-2020-11065Mediumtypo3/cms-core: Cross-Site Scripting in TYPO3 CMS Link HandlingCVE-2020-11064Mediumtypo3/cms-core: Cross-Site Scripting in TYPO3 CMS Form EngineCVE-2020-11063Lowtypo3/cms-core: Information Disclosure in Password Reset

Stop the waste.
Protect your environment with Kodem.