typo3/cms vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2011-4901Mediumtypo3/cms: Typo3 Arbitrary Information DisclosureCVE-2011-4902Mediumtypo3/cms: Typo3 Arbitrary File DeleteCVE-2011-4632Mediumtypo3/cms: Typo3 XSS VulnerabilitiesCVE-2011-4904Mediumtypo3/cms: Typo3 Improper Access ControlCVE-2011-4900Mediumtypo3/cms: Typo3 Information DisclosureCVE-2011-4628Criticaltypo3/cms: Typo3 Authentication BypassCVE-2011-4630Mediumtypo3/cms: Typo3 XSS VulnerabilityCVE-2011-4627Mediumtypo3/cms: Typo3 Information DisclosureCVE-2016-5385Highguzzlehttp/guzzle: HTTP Proxy header vulnerabilityCVE-2021-41113Hightypo3/cms-core: Cross-Site-Request-Forgery in BackendCVE-2021-41114Mediumtypo3/cms-core: HTTP Host Header InjectionCVE-2021-32768Mediumtypo3/cms-core: Cross-Site Scripting via Rich-Text ContentCVE-2021-32767Mediumtypo3/cms-core: Information Disclosure in User AuthenticationCVE-2021-32669Mediumtypo3/cms-core: Cross-Site Scripting in Backend Grid ViewCVE-2021-32668Mediumtypo3/cms-core: Cross-Site Scripting in Query Generator & Query ViewCVE-2021-32667Mediumtypo3/cms-core: Cross-Site Scripting in Page PreviewCVE-2021-21370Mediumtypo3/cms-backend: Cross-Site Scripting in Content Preview (CType menu)CVE-2021-21359Mediumtypo3/cms-core: Denial of Service in Page Error HandlingCVE-2021-21358Mediumtypo3/cms-form: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in typo3/cms-formCVE-2021-21357Hightypo3/cms-form: Broken Access Control in Form FrameworkCVE-2021-21355Hightypo3/cms-form: Unrestricted File Upload in Form FrameworkCVE-2021-21340Mediumtypo3/cms-backend: Cross-Site Scripting in Content PreviewCVE-2021-21339Mediumtypo3/cms-core: Cleartext storage of session identifierCVE-2021-21338Mediumtypo3/cms-core: Open Redirection in Login HandlingCVE-2020-26227Mediumtypo3/cms-core: Cross-Site Scripting in Fluid view helpers

Stop the waste.
Protect your environment with Kodem.