typo3/cms vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2012-3529Lowtypo3/cms: Typo3 Backend Configuration XSS VulnerabilityCVE-2012-3530Mediumtypo3/cms: Typo3 API XSS VulnerabilityCVE-2012-3531Mediumtypo3/cms: Typo3 Install Tool XSS VulnerabilityCVE-2012-6144Mediumtypo3/cms: Typo3 Backend History Module Vulnerable to SQL InjectionCVE-2012-6148Lowtypo3/cms: Typo3 Function Menu API XSS VulnerabilityCVE-2012-6145Lowtypo3/cms: Typo3 Backend History Module Vulnerable to XSSCVE-2012-6147Lowtypo3/cms: Typo3 Backend API XSS VulnerabilityCVE-2013-7074Lowtypo3/cms: TYPO3 Cross-Site Scripting (XSS) vulnerabilities in Content Editing Wizards componentCVE-2017-14251Hightypo3/cms: TYPO3 Arbitrary Code ExecutionCVE-2014-3941Mediumtypo3/cms: Typo3 Host Header Spoofing VulnerabilityCVE-2014-3943Lowtypo3/cms: Typo3 XSS VulnerabilitiesCVE-2014-3942Hightypo3/cms: TYPO3 Color Picker Wizard component allows remote authenticated editors to execute arbitrary PHP codeCVE-2018-6905Mediumtypo3/cms: Typo3 XSS VulnerabilityCVE-2015-5956Lowtypo3/cms: TYPO3 cross-site scripting (XSS)CVE-2017-6370Mediumtypo3/cms: TYPO3 Information Disclosure VulnerabilityCVE-2013-7341Mediummoodle/moodle: Moodle cross-site scripting (XSS) vulnerabilitiesCVE-2010-1153Hightypo3/cms: TYPO3 PHP remote file inclusion vulnerabilityCVE-2009-3635Mediumtypo3/cms: TYPO3 Install Tool Subcomponent Allows Access Using Only a Password's MD5 Hash as a CredentialCVE-2009-0816Mediumtypo3/cms: Typo3 Backend XSS VulnerabilityCVE-2009-0815Mediumtypo3/cms: TYPO3 leaks a hash secret in an error messageCVE-2009-0258Hightypo3/cms: Indexed Search Engine for TYPO3 Command Execution via Metacharacter InjectionCVE-2009-0256Hightypo3/cms: Authentication library in TYPO3 vulnerable to session fixationCVE-2005-4875Hightypo3/cms: TYPO3 Reveals Sensitive Information via Direct Request to `misc/phpcheck/`CVE-2011-3583Criticaltypo3/cms: Typo3 SQL injection due to faulty prepared statementsCVE-2011-4903Mediumtypo3/cms: Typo3 XSS in RemoveXSS function

Stop the waste.
Protect your environment with Kodem.