Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Typo3
(Typo3)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 181 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-11-06 | CVE-2011-4632 | Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the tcemain flash message. | Typo3 | N/A | ||
2019-11-06 | CVE-2011-4628 | TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to bypass authentication mechanisms in the backend through a crafted request. | Typo3 | N/A | ||
2019-11-06 | CVE-2011-4627 | TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows Information Disclosure on the backend. | Typo3 | N/A | ||
2019-11-06 | CVE-2011-4626 | Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the "JSwindow" property of the typolink function. | Typo3 | N/A | ||
2019-11-05 | CVE-2010-3673 | TYPO3 before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows information disclosure in the mail header of the HTML mailing API. | Typo3 | N/A | ||
2019-11-05 | CVE-2010-3672 | TYPO3 before 4.3.4 and 4.4.x before 4.4.1 allows XSS in the textarea view helper in an extbase extension. | Typo3 | N/A | ||
2019-11-04 | CVE-2010-3669 | TYPO3 before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS and Open Redirection in the frontend login box. | Typo3 | N/A | ||
2019-11-05 | CVE-2010-3674 | TYPO3 before 4.4.1 allows XSS in the frontend search box. | Debian_linux, Typo3 | N/A | ||
2019-11-04 | CVE-2010-3668 | TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Header Injection in the secure download feature jumpurl. | Typo3 | N/A | ||
2019-11-04 | CVE-2010-3667 | TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Spam Abuse in the native form content element. | Typo3 | N/A |