Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/typo3/cms@8.7.6
Typecomposer
Namespacetypo3
Namecms
Version8.7.6
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version9.5.29
Latest_non_vulnerable_version12.2.0
Affected_by_vulnerabilities
0
url VCID-1ffs-9vj5-27hk
vulnerability_id VCID-1ffs-9vj5-27hk
summary 
Path Traversal
Due to improper input validation, attackers can by-pass restrictions of predefined options and submit arbitrary data in the Form Designer backend module of the Form Framework. In the default configuration of the Form Framework this allows attackers to explicitly allow arbitrary mime-types for file uploads - however, default `_fileDenyPattern_` successfully blocked files like `_.htaccess_` or `_malicious.php_`. Besides that, attackers can persist those files in any writable directory of the corresponding TYPO3 installation. A valid backend user account with access to the form module is needed to exploit this vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21357
reference_id
reference_type
scores
0
value 0.01121
scoring_system epss
scoring_elements 0.78611
published_at 2026-06-05T12:55:00Z
1
value 0.01121
scoring_system epss
scoring_elements 0.78584
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21357
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21357.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21357.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21357.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21357.yaml
3
reference_url https://packagist.org/packages/typo3/cms-form
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://packagist.org/packages/typo3/cms-form
4
reference_url https://typo3.org/security/advisory/typo3-core-sa-2021-003
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2021-003
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-21357
reference_id CVE-2021-21357
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-21357
6
reference_url https://github.com/advisories/GHSA-3vg7-jw9m-pc3f
reference_id GHSA-3vg7-jw9m-pc3f
reference_type
scores
url https://github.com/advisories/GHSA-3vg7-jw9m-pc3f
7
reference_url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-3vg7-jw9m-pc3f
reference_id GHSA-3vg7-jw9m-pc3f
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:H/RL:O/RC:C
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-3vg7-jw9m-pc3f
fixed_packages
0
url pkg:composer/typo3/cms@8.7.40
purl pkg:composer/typo3/cms@8.7.40
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j8hk-bqnb-gycp
1
vulnerability VCID-sdjb-gp4t-vbgt
2
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.40
1
url pkg:composer/typo3/cms@9.5.25
purl pkg:composer/typo3/cms@9.5.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
1
vulnerability VCID-a1g9-pyz5-9fca
2
vulnerability VCID-j8hk-bqnb-gycp
3
vulnerability VCID-sdjb-gp4t-vbgt
4
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.25
2
url pkg:composer/typo3/cms@10.4.14
purl pkg:composer/typo3/cms@10.4.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
1
vulnerability VCID-a1g9-pyz5-9fca
2
vulnerability VCID-j8hk-bqnb-gycp
3
vulnerability VCID-sdjb-gp4t-vbgt
4
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.14
3
url pkg:composer/typo3/cms@11.1.1
purl pkg:composer/typo3/cms@11.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
1
vulnerability VCID-a1g9-pyz5-9fca
2
vulnerability VCID-fsx8-7qjz-2ubw
3
vulnerability VCID-j8hk-bqnb-gycp
4
vulnerability VCID-sdjb-gp4t-vbgt
5
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.1.1
aliases CVE-2021-21357, GHSA-3vg7-jw9m-pc3f
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1ffs-9vj5-27hk
1
url VCID-2rhr-8vaz-hqfj
vulnerability_id VCID-2rhr-8vaz-hqfj
summary 
Cross-site Scripting
TYPO3 is vulnerable to cross-site scripting. Corresponding rendering instructions via TypoScript functionality HTMLparser does not consider all potentially malicious HTML tag & attribute combinations per default. In default scenarios, a valid backend user account is needed to exploit this vulnerability. In case custom plugins used in the website frontend accept and reflect rich-text content submitted by users, no authentication is required.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-32768
reference_id
reference_type
scores
0
value 0.00284
scoring_system epss
scoring_elements 0.52109
published_at 2026-06-05T12:55:00Z
1
value 0.00284
scoring_system epss
scoring_elements 0.52048
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-32768
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32768.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32768.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32768.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32768.yaml
3
reference_url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-c5c9-8c6m-727v
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-c5c9-8c6m-727v
4
reference_url https://github.com/TYPO3/typo3/security/advisories/GHSA-c5c9-8c6m-727v
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/security/advisories/GHSA-c5c9-8c6m-727v
5
reference_url https://typo3.org/security/advisory/typo3-core-sa-2021-013
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2021-013
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-32768
reference_id CVE-2021-32768
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-32768
fixed_packages
0
url pkg:composer/typo3/cms@8.7.42
purl pkg:composer/typo3/cms@8.7.42
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.42
1
url pkg:composer/typo3/cms@9.5.29
purl pkg:composer/typo3/cms@9.5.29
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.29
2
url pkg:composer/typo3/cms@10.4.19
purl pkg:composer/typo3/cms@10.4.19
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.19
3
url pkg:composer/typo3/cms@11.3.2
purl pkg:composer/typo3/cms@11.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-b9sw-6tzm-3yhj
1
vulnerability VCID-fsx8-7qjz-2ubw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.3.2
aliases CVE-2021-32768, GHSA-c5c9-8c6m-727v
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2rhr-8vaz-hqfj
2
url VCID-3ugj-6m1e-e3hr
vulnerability_id VCID-3ugj-6m1e-e3hr
summary 
Cross-site Scripting
Cross-Site Scripting in Online Media Asset Rendering.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2018-006/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2018-006/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.21
purl pkg:composer/typo3/cms@8.7.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-4eym-e6vt-8fbs
3
vulnerability VCID-7m6u-k5tp-gkhy
4
vulnerability VCID-848u-w88s-5bbe
5
vulnerability VCID-am6s-67bm-77dr
6
vulnerability VCID-bn3p-39sv-6fdg
7
vulnerability VCID-ev4k-5k1d-2bhu
8
vulnerability VCID-fqkx-v8t5-q3h6
9
vulnerability VCID-fut7-bb1f-37g7
10
vulnerability VCID-j8hk-bqnb-gycp
11
vulnerability VCID-jp1p-rfxa-hyd9
12
vulnerability VCID-k5t3-28es-h3ez
13
vulnerability VCID-khpm-e1xb-hydb
14
vulnerability VCID-nney-azbc-pucg
15
vulnerability VCID-p7gd-anw2-1qbz
16
vulnerability VCID-pmvp-twk2-jqe4
17
vulnerability VCID-qv14-m93d-jyd9
18
vulnerability VCID-rqrw-t2kj-mud8
19
vulnerability VCID-ru6w-m6q6-27gn
20
vulnerability VCID-sdjb-gp4t-vbgt
21
vulnerability VCID-sdsa-mh76-kqch
22
vulnerability VCID-tgyt-axv1-c7ag
23
vulnerability VCID-u259-2sxq-tbct
24
vulnerability VCID-uq77-aax5-k7d8
25
vulnerability VCID-vw2r-g8yy-eyf4
26
vulnerability VCID-x5x1-w7yv-eye9
27
vulnerability VCID-xw1s-93bu-wuh9
28
vulnerability VCID-y7ds-p5r2-yuhq
29
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21
1
url pkg:composer/typo3/cms@9.5.2
purl pkg:composer/typo3/cms@9.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-3ye6-vqje-abh4
4
vulnerability VCID-4an7-9ph4-mkd4
5
vulnerability VCID-4eym-e6vt-8fbs
6
vulnerability VCID-4jck-w9ct-budk
7
vulnerability VCID-6mnf-2fcw-dqgp
8
vulnerability VCID-7m6u-k5tp-gkhy
9
vulnerability VCID-7xv1-78u7-xufp
10
vulnerability VCID-848u-w88s-5bbe
11
vulnerability VCID-8w4e-d49b-nbg8
12
vulnerability VCID-9adx-p876-kyb5
13
vulnerability VCID-a1g9-pyz5-9fca
14
vulnerability VCID-am6s-67bm-77dr
15
vulnerability VCID-bbh5-rss8-bfct
16
vulnerability VCID-cvk2-93hm-gkhx
17
vulnerability VCID-e6zr-4bgg-kkh5
18
vulnerability VCID-ev4k-5k1d-2bhu
19
vulnerability VCID-fqkx-v8t5-q3h6
20
vulnerability VCID-fut7-bb1f-37g7
21
vulnerability VCID-j8hk-bqnb-gycp
22
vulnerability VCID-jp1p-rfxa-hyd9
23
vulnerability VCID-k5t3-28es-h3ez
24
vulnerability VCID-khpm-e1xb-hydb
25
vulnerability VCID-n1gz-y615-cbbk
26
vulnerability VCID-nney-azbc-pucg
27
vulnerability VCID-p7gd-anw2-1qbz
28
vulnerability VCID-pmvp-twk2-jqe4
29
vulnerability VCID-qv14-m93d-jyd9
30
vulnerability VCID-rqrw-t2kj-mud8
31
vulnerability VCID-ru6w-m6q6-27gn
32
vulnerability VCID-sdjb-gp4t-vbgt
33
vulnerability VCID-sdsa-mh76-kqch
34
vulnerability VCID-tgyt-axv1-c7ag
35
vulnerability VCID-u259-2sxq-tbct
36
vulnerability VCID-uq77-aax5-k7d8
37
vulnerability VCID-vw2r-g8yy-eyf4
38
vulnerability VCID-x5x1-w7yv-eye9
39
vulnerability VCID-xw1s-93bu-wuh9
40
vulnerability VCID-y7ds-p5r2-yuhq
41
vulnerability VCID-zeut-9wfp-q7et
42
vulnerability VCID-zkvq-bms4-gfcv
43
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2
aliases GMS-2018-97
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3ugj-6m1e-e3hr
3
url VCID-4eym-e6vt-8fbs
vulnerability_id VCID-4eym-e6vt-8fbs
summary 
Code Injection
Arbitrary Code Execution and Cross-Site Scripting in Backend API.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-019/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-019/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.27
purl pkg:composer/typo3/cms@8.7.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-848u-w88s-5bbe
3
vulnerability VCID-ev4k-5k1d-2bhu
4
vulnerability VCID-fqkx-v8t5-q3h6
5
vulnerability VCID-j8hk-bqnb-gycp
6
vulnerability VCID-jp1p-rfxa-hyd9
7
vulnerability VCID-p7gd-anw2-1qbz
8
vulnerability VCID-rqrw-t2kj-mud8
9
vulnerability VCID-sdjb-gp4t-vbgt
10
vulnerability VCID-tgyt-axv1-c7ag
11
vulnerability VCID-uq77-aax5-k7d8
12
vulnerability VCID-xw1s-93bu-wuh9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.27
1
url pkg:composer/typo3/cms@9.5.8
purl pkg:composer/typo3/cms@9.5.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-4an7-9ph4-mkd4
4
vulnerability VCID-6mnf-2fcw-dqgp
5
vulnerability VCID-848u-w88s-5bbe
6
vulnerability VCID-8w4e-d49b-nbg8
7
vulnerability VCID-a1g9-pyz5-9fca
8
vulnerability VCID-bbh5-rss8-bfct
9
vulnerability VCID-e6zr-4bgg-kkh5
10
vulnerability VCID-ev4k-5k1d-2bhu
11
vulnerability VCID-fqkx-v8t5-q3h6
12
vulnerability VCID-j8hk-bqnb-gycp
13
vulnerability VCID-jp1p-rfxa-hyd9
14
vulnerability VCID-n1gz-y615-cbbk
15
vulnerability VCID-p7gd-anw2-1qbz
16
vulnerability VCID-rqrw-t2kj-mud8
17
vulnerability VCID-sdjb-gp4t-vbgt
18
vulnerability VCID-tgyt-axv1-c7ag
19
vulnerability VCID-uq77-aax5-k7d8
20
vulnerability VCID-xw1s-93bu-wuh9
21
vulnerability VCID-zkvq-bms4-gfcv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.8
aliases GMS-2019-188
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4eym-e6vt-8fbs
4
url VCID-7ch1-q9f4-a7bt
vulnerability_id VCID-7ch1-q9f4-a7bt
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
In Bootstrap, XSS is possible in the data-target property of scrollspy.
references
0
reference_url http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html
1
reference_url http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html
2
reference_url https://access.redhat.com/errata/RHSA-2019:1456
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:1456
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14041.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14041.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-14041
reference_id
reference_type
scores
0
value 0.07723
scoring_system epss
scoring_elements 0.92076
published_at 2026-06-04T12:55:00Z
1
value 0.07723
scoring_system epss
scoring_elements 0.92089
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-14041
5
reference_url https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2
6
reference_url http://seclists.org/fulldisclosure/2019/May/10
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/May/10
7
reference_url http://seclists.org/fulldisclosure/2019/May/11
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/May/11
8
reference_url http://seclists.org/fulldisclosure/2019/May/13
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/May/13
9
reference_url https://github.com/twbs/bootstrap
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap
10
reference_url https://github.com/twbs/bootstrap/issues/26423
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap/issues/26423
11
reference_url https://github.com/twbs/bootstrap/issues/26627
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap/issues/26627
12
reference_url https://github.com/twbs/bootstrap/pull/26630
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/twbs/bootstrap/pull/26630
13
reference_url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E
18
reference_url https://seclists.org/bugtraq/2019/May/18
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/May/18
19
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-006
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2019-006
20
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuApr2021.html
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1601616
reference_id 1601616
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1601616
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14041
reference_id CVE-2018-14041
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-14041
23
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2018-14041.yaml
reference_id CVE-2018-14041.YAML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2018-14041.yaml
24
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2018-14041.yaml
reference_id CVE-2018-14041.YAML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2018-14041.yaml
25
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2018-14041.yml
reference_id CVE-2018-14041.YML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2018-14041.yml
26
reference_url https://github.com/advisories/GHSA-pj7m-g53m-7638
reference_id GHSA-pj7m-g53m-7638
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pj7m-g53m-7638
27
reference_url https://access.redhat.com/errata/RHSA-2023:0552
reference_id RHSA-2023:0552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0552
28
reference_url https://access.redhat.com/errata/RHSA-2023:0553
reference_id RHSA-2023:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0553
29
reference_url https://access.redhat.com/errata/RHSA-2023:0554
reference_id RHSA-2023:0554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0554
30
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
31
reference_url https://access.redhat.com/errata/RHSA-2023:5693
reference_id RHSA-2023:5693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5693
fixed_packages
0
url pkg:composer/typo3/cms@8.7.23
purl pkg:composer/typo3/cms@8.7.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-4eym-e6vt-8fbs
3
vulnerability VCID-7m6u-k5tp-gkhy
4
vulnerability VCID-848u-w88s-5bbe
5
vulnerability VCID-ev4k-5k1d-2bhu
6
vulnerability VCID-fqkx-v8t5-q3h6
7
vulnerability VCID-fut7-bb1f-37g7
8
vulnerability VCID-j8hk-bqnb-gycp
9
vulnerability VCID-jp1p-rfxa-hyd9
10
vulnerability VCID-k5t3-28es-h3ez
11
vulnerability VCID-nney-azbc-pucg
12
vulnerability VCID-p7gd-anw2-1qbz
13
vulnerability VCID-qv14-m93d-jyd9
14
vulnerability VCID-rqrw-t2kj-mud8
15
vulnerability VCID-ru6w-m6q6-27gn
16
vulnerability VCID-sdjb-gp4t-vbgt
17
vulnerability VCID-sdsa-mh76-kqch
18
vulnerability VCID-tgyt-axv1-c7ag
19
vulnerability VCID-uq77-aax5-k7d8
20
vulnerability VCID-x5x1-w7yv-eye9
21
vulnerability VCID-xw1s-93bu-wuh9
22
vulnerability VCID-y7ds-p5r2-yuhq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.23
1
url pkg:composer/typo3/cms@9.5.4
purl pkg:composer/typo3/cms@9.5.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-3ye6-vqje-abh4
4
vulnerability VCID-4an7-9ph4-mkd4
5
vulnerability VCID-4eym-e6vt-8fbs
6
vulnerability VCID-6mnf-2fcw-dqgp
7
vulnerability VCID-7m6u-k5tp-gkhy
8
vulnerability VCID-7xv1-78u7-xufp
9
vulnerability VCID-848u-w88s-5bbe
10
vulnerability VCID-8w4e-d49b-nbg8
11
vulnerability VCID-9adx-p876-kyb5
12
vulnerability VCID-a1g9-pyz5-9fca
13
vulnerability VCID-bbh5-rss8-bfct
14
vulnerability VCID-cvk2-93hm-gkhx
15
vulnerability VCID-e6zr-4bgg-kkh5
16
vulnerability VCID-ev4k-5k1d-2bhu
17
vulnerability VCID-fqkx-v8t5-q3h6
18
vulnerability VCID-fut7-bb1f-37g7
19
vulnerability VCID-j8hk-bqnb-gycp
20
vulnerability VCID-jp1p-rfxa-hyd9
21
vulnerability VCID-k5t3-28es-h3ez
22
vulnerability VCID-n1gz-y615-cbbk
23
vulnerability VCID-nney-azbc-pucg
24
vulnerability VCID-p7gd-anw2-1qbz
25
vulnerability VCID-qv14-m93d-jyd9
26
vulnerability VCID-rqrw-t2kj-mud8
27
vulnerability VCID-ru6w-m6q6-27gn
28
vulnerability VCID-sdjb-gp4t-vbgt
29
vulnerability VCID-sdsa-mh76-kqch
30
vulnerability VCID-tgyt-axv1-c7ag
31
vulnerability VCID-uq77-aax5-k7d8
32
vulnerability VCID-x5x1-w7yv-eye9
33
vulnerability VCID-xw1s-93bu-wuh9
34
vulnerability VCID-y7ds-p5r2-yuhq
35
vulnerability VCID-zeut-9wfp-q7et
36
vulnerability VCID-zkvq-bms4-gfcv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.4
aliases CVE-2018-14041, GHSA-pj7m-g53m-7638
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7ch1-q9f4-a7bt
5
url VCID-7m6u-k5tp-gkhy
vulnerability_id VCID-7m6u-k5tp-gkhy
summary Insecure Deserialization in TYPO3 CMS.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-020/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-020/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.27
purl pkg:composer/typo3/cms@8.7.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-848u-w88s-5bbe
3
vulnerability VCID-ev4k-5k1d-2bhu
4
vulnerability VCID-fqkx-v8t5-q3h6
5
vulnerability VCID-j8hk-bqnb-gycp
6
vulnerability VCID-jp1p-rfxa-hyd9
7
vulnerability VCID-p7gd-anw2-1qbz
8
vulnerability VCID-rqrw-t2kj-mud8
9
vulnerability VCID-sdjb-gp4t-vbgt
10
vulnerability VCID-tgyt-axv1-c7ag
11
vulnerability VCID-uq77-aax5-k7d8
12
vulnerability VCID-xw1s-93bu-wuh9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.27
1
url pkg:composer/typo3/cms@9.5.8
purl pkg:composer/typo3/cms@9.5.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-4an7-9ph4-mkd4
4
vulnerability VCID-6mnf-2fcw-dqgp
5
vulnerability VCID-848u-w88s-5bbe
6
vulnerability VCID-8w4e-d49b-nbg8
7
vulnerability VCID-a1g9-pyz5-9fca
8
vulnerability VCID-bbh5-rss8-bfct
9
vulnerability VCID-e6zr-4bgg-kkh5
10
vulnerability VCID-ev4k-5k1d-2bhu
11
vulnerability VCID-fqkx-v8t5-q3h6
12
vulnerability VCID-j8hk-bqnb-gycp
13
vulnerability VCID-jp1p-rfxa-hyd9
14
vulnerability VCID-n1gz-y615-cbbk
15
vulnerability VCID-p7gd-anw2-1qbz
16
vulnerability VCID-rqrw-t2kj-mud8
17
vulnerability VCID-sdjb-gp4t-vbgt
18
vulnerability VCID-tgyt-axv1-c7ag
19
vulnerability VCID-uq77-aax5-k7d8
20
vulnerability VCID-xw1s-93bu-wuh9
21
vulnerability VCID-zkvq-bms4-gfcv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.8
aliases GMS-2019-189
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7m6u-k5tp-gkhy
6
url VCID-848u-w88s-5bbe
vulnerability_id VCID-848u-w88s-5bbe
summary 
Unrestricted Upload of File with Dangerous Type
Due to the lack of ensuring file extensions belong to configured allowed mime-types, attackers can upload arbitrary data with arbitrary file extensions - however, default `_fileDenyPattern_` successfully blocked files like `_.htaccess_` or `_malicious.php_`. Additionally, `_UploadedFileReferenceConverter_` transforming uploaded files into proper FileReference domain model objects handles possible file uploads for other extensions as well - given those extensions use the Extbase MVC framework, make use of FileReference items in their direct or inherited domain model definitions and did not implement their own type converter. In case this scenario applies, `_UploadedFileReferenceConverter_` accepts any file mime-type and persists files in the default location. In any way, uploaded files are placed in the default location `_/fileadmin/user_upload/_`, in most scenarios keeping the submitted filename - which allows attackers to directly reference files, or even correctly guess filenames used by other individuals, disclosing this information. No authentication is required to exploit this vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21355
reference_id
reference_type
scores
0
value 0.00416
scoring_system epss
scoring_elements 0.62108
published_at 2026-06-05T12:55:00Z
1
value 0.00416
scoring_system epss
scoring_elements 0.62059
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21355
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21355.yaml
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21355.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21355.yaml
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21355.yaml
3
reference_url https://packagist.org/packages/typo3/cms-form
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://packagist.org/packages/typo3/cms-form
4
reference_url https://typo3.org/security/advisory/typo3-core-sa-2021-002
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2021-002
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-21355
reference_id CVE-2021-21355
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-21355
6
reference_url https://github.com/advisories/GHSA-2r6j-862c-m2v2
reference_id GHSA-2r6j-862c-m2v2
reference_type
scores
url https://github.com/advisories/GHSA-2r6j-862c-m2v2
7
reference_url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2r6j-862c-m2v2
reference_id GHSA-2r6j-862c-m2v2
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-2r6j-862c-m2v2
fixed_packages
0
url pkg:composer/typo3/cms@8.7.40
purl pkg:composer/typo3/cms@8.7.40
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j8hk-bqnb-gycp
1
vulnerability VCID-sdjb-gp4t-vbgt
2
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.40
1
url pkg:composer/typo3/cms@9.5.25
purl pkg:composer/typo3/cms@9.5.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
1
vulnerability VCID-a1g9-pyz5-9fca
2
vulnerability VCID-j8hk-bqnb-gycp
3
vulnerability VCID-sdjb-gp4t-vbgt
4
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.25
2
url pkg:composer/typo3/cms@10.4.14
purl pkg:composer/typo3/cms@10.4.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
1
vulnerability VCID-a1g9-pyz5-9fca
2
vulnerability VCID-j8hk-bqnb-gycp
3
vulnerability VCID-sdjb-gp4t-vbgt
4
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.14
3
url pkg:composer/typo3/cms@11.1.1
purl pkg:composer/typo3/cms@11.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
1
vulnerability VCID-a1g9-pyz5-9fca
2
vulnerability VCID-fsx8-7qjz-2ubw
3
vulnerability VCID-j8hk-bqnb-gycp
4
vulnerability VCID-sdjb-gp4t-vbgt
5
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.1.1
aliases CVE-2021-21355, GHSA-2r6j-862c-m2v2
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-848u-w88s-5bbe
7
url VCID-953t-q1cr-zyd6
vulnerability_id VCID-953t-q1cr-zyd6
summary 
Cross-site Scripting
Cross-Site Scripting in Backend Modal Component.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2018-007/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2018-007/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.21
purl pkg:composer/typo3/cms@8.7.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-4eym-e6vt-8fbs
3
vulnerability VCID-7m6u-k5tp-gkhy
4
vulnerability VCID-848u-w88s-5bbe
5
vulnerability VCID-am6s-67bm-77dr
6
vulnerability VCID-bn3p-39sv-6fdg
7
vulnerability VCID-ev4k-5k1d-2bhu
8
vulnerability VCID-fqkx-v8t5-q3h6
9
vulnerability VCID-fut7-bb1f-37g7
10
vulnerability VCID-j8hk-bqnb-gycp
11
vulnerability VCID-jp1p-rfxa-hyd9
12
vulnerability VCID-k5t3-28es-h3ez
13
vulnerability VCID-khpm-e1xb-hydb
14
vulnerability VCID-nney-azbc-pucg
15
vulnerability VCID-p7gd-anw2-1qbz
16
vulnerability VCID-pmvp-twk2-jqe4
17
vulnerability VCID-qv14-m93d-jyd9
18
vulnerability VCID-rqrw-t2kj-mud8
19
vulnerability VCID-ru6w-m6q6-27gn
20
vulnerability VCID-sdjb-gp4t-vbgt
21
vulnerability VCID-sdsa-mh76-kqch
22
vulnerability VCID-tgyt-axv1-c7ag
23
vulnerability VCID-u259-2sxq-tbct
24
vulnerability VCID-uq77-aax5-k7d8
25
vulnerability VCID-vw2r-g8yy-eyf4
26
vulnerability VCID-x5x1-w7yv-eye9
27
vulnerability VCID-xw1s-93bu-wuh9
28
vulnerability VCID-y7ds-p5r2-yuhq
29
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21
1
url pkg:composer/typo3/cms@9.5.2
purl pkg:composer/typo3/cms@9.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-3ye6-vqje-abh4
4
vulnerability VCID-4an7-9ph4-mkd4
5
vulnerability VCID-4eym-e6vt-8fbs
6
vulnerability VCID-4jck-w9ct-budk
7
vulnerability VCID-6mnf-2fcw-dqgp
8
vulnerability VCID-7m6u-k5tp-gkhy
9
vulnerability VCID-7xv1-78u7-xufp
10
vulnerability VCID-848u-w88s-5bbe
11
vulnerability VCID-8w4e-d49b-nbg8
12
vulnerability VCID-9adx-p876-kyb5
13
vulnerability VCID-a1g9-pyz5-9fca
14
vulnerability VCID-am6s-67bm-77dr
15
vulnerability VCID-bbh5-rss8-bfct
16
vulnerability VCID-cvk2-93hm-gkhx
17
vulnerability VCID-e6zr-4bgg-kkh5
18
vulnerability VCID-ev4k-5k1d-2bhu
19
vulnerability VCID-fqkx-v8t5-q3h6
20
vulnerability VCID-fut7-bb1f-37g7
21
vulnerability VCID-j8hk-bqnb-gycp
22
vulnerability VCID-jp1p-rfxa-hyd9
23
vulnerability VCID-k5t3-28es-h3ez
24
vulnerability VCID-khpm-e1xb-hydb
25
vulnerability VCID-n1gz-y615-cbbk
26
vulnerability VCID-nney-azbc-pucg
27
vulnerability VCID-p7gd-anw2-1qbz
28
vulnerability VCID-pmvp-twk2-jqe4
29
vulnerability VCID-qv14-m93d-jyd9
30
vulnerability VCID-rqrw-t2kj-mud8
31
vulnerability VCID-ru6w-m6q6-27gn
32
vulnerability VCID-sdjb-gp4t-vbgt
33
vulnerability VCID-sdsa-mh76-kqch
34
vulnerability VCID-tgyt-axv1-c7ag
35
vulnerability VCID-u259-2sxq-tbct
36
vulnerability VCID-uq77-aax5-k7d8
37
vulnerability VCID-vw2r-g8yy-eyf4
38
vulnerability VCID-x5x1-w7yv-eye9
39
vulnerability VCID-xw1s-93bu-wuh9
40
vulnerability VCID-y7ds-p5r2-yuhq
41
vulnerability VCID-zeut-9wfp-q7et
42
vulnerability VCID-zkvq-bms4-gfcv
43
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2
aliases GMS-2018-98
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-953t-q1cr-zyd6
8
url VCID-abjx-8v46-d7d8
vulnerability_id VCID-abjx-8v46-d7d8
summary 
Improper Authentication
Authentication Bypass in TYPO3 CMS.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2018-001/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2018-001/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.17
purl pkg:composer/typo3/cms@8.7.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-3ugj-6m1e-e3hr
3
vulnerability VCID-4eym-e6vt-8fbs
4
vulnerability VCID-7ch1-q9f4-a7bt
5
vulnerability VCID-7m6u-k5tp-gkhy
6
vulnerability VCID-848u-w88s-5bbe
7
vulnerability VCID-953t-q1cr-zyd6
8
vulnerability VCID-am6s-67bm-77dr
9
vulnerability VCID-bn3p-39sv-6fdg
10
vulnerability VCID-dsqm-9q3e-dudw
11
vulnerability VCID-emqq-kwjg-3kfk
12
vulnerability VCID-ev4k-5k1d-2bhu
13
vulnerability VCID-fdnw-2tz5-4fdr
14
vulnerability VCID-fqkx-v8t5-q3h6
15
vulnerability VCID-fut7-bb1f-37g7
16
vulnerability VCID-hp99-ncuh-6ugv
17
vulnerability VCID-j8hk-bqnb-gycp
18
vulnerability VCID-jp1p-rfxa-hyd9
19
vulnerability VCID-jq5y-7h9g-mufa
20
vulnerability VCID-k5t3-28es-h3ez
21
vulnerability VCID-khpm-e1xb-hydb
22
vulnerability VCID-nney-azbc-pucg
23
vulnerability VCID-p7gd-anw2-1qbz
24
vulnerability VCID-pmvp-twk2-jqe4
25
vulnerability VCID-qv14-m93d-jyd9
26
vulnerability VCID-qxab-9uwr-yqhv
27
vulnerability VCID-rqrw-t2kj-mud8
28
vulnerability VCID-ru6w-m6q6-27gn
29
vulnerability VCID-sdjb-gp4t-vbgt
30
vulnerability VCID-sdsa-mh76-kqch
31
vulnerability VCID-tgyt-axv1-c7ag
32
vulnerability VCID-u259-2sxq-tbct
33
vulnerability VCID-uq77-aax5-k7d8
34
vulnerability VCID-vw2r-g8yy-eyf4
35
vulnerability VCID-x5x1-w7yv-eye9
36
vulnerability VCID-xw1s-93bu-wuh9
37
vulnerability VCID-y7ds-p5r2-yuhq
38
vulnerability VCID-yz6t-ge1y-qfgr
39
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.17
1
url pkg:composer/typo3/cms@9.3.2
purl pkg:composer/typo3/cms@9.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-3ugj-6m1e-e3hr
4
vulnerability VCID-3ye6-vqje-abh4
5
vulnerability VCID-4an7-9ph4-mkd4
6
vulnerability VCID-4eym-e6vt-8fbs
7
vulnerability VCID-4jck-w9ct-budk
8
vulnerability VCID-6mnf-2fcw-dqgp
9
vulnerability VCID-7ch1-q9f4-a7bt
10
vulnerability VCID-7m6u-k5tp-gkhy
11
vulnerability VCID-7xv1-78u7-xufp
12
vulnerability VCID-848u-w88s-5bbe
13
vulnerability VCID-8w4e-d49b-nbg8
14
vulnerability VCID-953t-q1cr-zyd6
15
vulnerability VCID-9adx-p876-kyb5
16
vulnerability VCID-a1g9-pyz5-9fca
17
vulnerability VCID-am6s-67bm-77dr
18
vulnerability VCID-bbh5-rss8-bfct
19
vulnerability VCID-cvk2-93hm-gkhx
20
vulnerability VCID-dsqm-9q3e-dudw
21
vulnerability VCID-e6zr-4bgg-kkh5
22
vulnerability VCID-emqq-kwjg-3kfk
23
vulnerability VCID-ev4k-5k1d-2bhu
24
vulnerability VCID-fqkx-v8t5-q3h6
25
vulnerability VCID-fut7-bb1f-37g7
26
vulnerability VCID-hp99-ncuh-6ugv
27
vulnerability VCID-j8hk-bqnb-gycp
28
vulnerability VCID-jp1p-rfxa-hyd9
29
vulnerability VCID-jq5y-7h9g-mufa
30
vulnerability VCID-k5t3-28es-h3ez
31
vulnerability VCID-khpm-e1xb-hydb
32
vulnerability VCID-n1gz-y615-cbbk
33
vulnerability VCID-nney-azbc-pucg
34
vulnerability VCID-p7gd-anw2-1qbz
35
vulnerability VCID-pmvp-twk2-jqe4
36
vulnerability VCID-qv14-m93d-jyd9
37
vulnerability VCID-qxab-9uwr-yqhv
38
vulnerability VCID-rqrw-t2kj-mud8
39
vulnerability VCID-ru6w-m6q6-27gn
40
vulnerability VCID-sdjb-gp4t-vbgt
41
vulnerability VCID-sdsa-mh76-kqch
42
vulnerability VCID-tgyt-axv1-c7ag
43
vulnerability VCID-u259-2sxq-tbct
44
vulnerability VCID-uq77-aax5-k7d8
45
vulnerability VCID-vw2r-g8yy-eyf4
46
vulnerability VCID-x5x1-w7yv-eye9
47
vulnerability VCID-xw1s-93bu-wuh9
48
vulnerability VCID-y7ds-p5r2-yuhq
49
vulnerability VCID-yz6t-ge1y-qfgr
50
vulnerability VCID-zeut-9wfp-q7et
51
vulnerability VCID-zkvq-bms4-gfcv
52
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.3.2
aliases GMS-2018-93
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-abjx-8v46-d7d8
9
url VCID-am6s-67bm-77dr
vulnerability_id VCID-am6s-67bm-77dr
summary 
Cross-site Scripting
Cross-Site Scripting in Bootstrap CSS toolkit.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-006/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-006/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.23
purl pkg:composer/typo3/cms@8.7.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-4eym-e6vt-8fbs
3
vulnerability VCID-7m6u-k5tp-gkhy
4
vulnerability VCID-848u-w88s-5bbe
5
vulnerability VCID-ev4k-5k1d-2bhu
6
vulnerability VCID-fqkx-v8t5-q3h6
7
vulnerability VCID-fut7-bb1f-37g7
8
vulnerability VCID-j8hk-bqnb-gycp
9
vulnerability VCID-jp1p-rfxa-hyd9
10
vulnerability VCID-k5t3-28es-h3ez
11
vulnerability VCID-nney-azbc-pucg
12
vulnerability VCID-p7gd-anw2-1qbz
13
vulnerability VCID-qv14-m93d-jyd9
14
vulnerability VCID-rqrw-t2kj-mud8
15
vulnerability VCID-ru6w-m6q6-27gn
16
vulnerability VCID-sdjb-gp4t-vbgt
17
vulnerability VCID-sdsa-mh76-kqch
18
vulnerability VCID-tgyt-axv1-c7ag
19
vulnerability VCID-uq77-aax5-k7d8
20
vulnerability VCID-x5x1-w7yv-eye9
21
vulnerability VCID-xw1s-93bu-wuh9
22
vulnerability VCID-y7ds-p5r2-yuhq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.23
1
url pkg:composer/typo3/cms@9.5.4
purl pkg:composer/typo3/cms@9.5.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-3ye6-vqje-abh4
4
vulnerability VCID-4an7-9ph4-mkd4
5
vulnerability VCID-4eym-e6vt-8fbs
6
vulnerability VCID-6mnf-2fcw-dqgp
7
vulnerability VCID-7m6u-k5tp-gkhy
8
vulnerability VCID-7xv1-78u7-xufp
9
vulnerability VCID-848u-w88s-5bbe
10
vulnerability VCID-8w4e-d49b-nbg8
11
vulnerability VCID-9adx-p876-kyb5
12
vulnerability VCID-a1g9-pyz5-9fca
13
vulnerability VCID-bbh5-rss8-bfct
14
vulnerability VCID-cvk2-93hm-gkhx
15
vulnerability VCID-e6zr-4bgg-kkh5
16
vulnerability VCID-ev4k-5k1d-2bhu
17
vulnerability VCID-fqkx-v8t5-q3h6
18
vulnerability VCID-fut7-bb1f-37g7
19
vulnerability VCID-j8hk-bqnb-gycp
20
vulnerability VCID-jp1p-rfxa-hyd9
21
vulnerability VCID-k5t3-28es-h3ez
22
vulnerability VCID-n1gz-y615-cbbk
23
vulnerability VCID-nney-azbc-pucg
24
vulnerability VCID-p7gd-anw2-1qbz
25
vulnerability VCID-qv14-m93d-jyd9
26
vulnerability VCID-rqrw-t2kj-mud8
27
vulnerability VCID-ru6w-m6q6-27gn
28
vulnerability VCID-sdjb-gp4t-vbgt
29
vulnerability VCID-sdsa-mh76-kqch
30
vulnerability VCID-tgyt-axv1-c7ag
31
vulnerability VCID-uq77-aax5-k7d8
32
vulnerability VCID-x5x1-w7yv-eye9
33
vulnerability VCID-xw1s-93bu-wuh9
34
vulnerability VCID-y7ds-p5r2-yuhq
35
vulnerability VCID-zeut-9wfp-q7et
36
vulnerability VCID-zkvq-bms4-gfcv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.4
aliases GMS-2019-176
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-am6s-67bm-77dr
10
url VCID-bn3p-39sv-6fdg
vulnerability_id VCID-bn3p-39sv-6fdg
summary 
Improper Access Control
Broken Access Control in Localization Handling.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-003/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-003/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.23
purl pkg:composer/typo3/cms@8.7.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-4eym-e6vt-8fbs
3
vulnerability VCID-7m6u-k5tp-gkhy
4
vulnerability VCID-848u-w88s-5bbe
5
vulnerability VCID-ev4k-5k1d-2bhu
6
vulnerability VCID-fqkx-v8t5-q3h6
7
vulnerability VCID-fut7-bb1f-37g7
8
vulnerability VCID-j8hk-bqnb-gycp
9
vulnerability VCID-jp1p-rfxa-hyd9
10
vulnerability VCID-k5t3-28es-h3ez
11
vulnerability VCID-nney-azbc-pucg
12
vulnerability VCID-p7gd-anw2-1qbz
13
vulnerability VCID-qv14-m93d-jyd9
14
vulnerability VCID-rqrw-t2kj-mud8
15
vulnerability VCID-ru6w-m6q6-27gn
16
vulnerability VCID-sdjb-gp4t-vbgt
17
vulnerability VCID-sdsa-mh76-kqch
18
vulnerability VCID-tgyt-axv1-c7ag
19
vulnerability VCID-uq77-aax5-k7d8
20
vulnerability VCID-x5x1-w7yv-eye9
21
vulnerability VCID-xw1s-93bu-wuh9
22
vulnerability VCID-y7ds-p5r2-yuhq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.23
1
url pkg:composer/typo3/cms@9.0.0
purl pkg:composer/typo3/cms@9.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sw-6x9k-vued
1
vulnerability VCID-11u3-8xzy-jfhh
2
vulnerability VCID-1ffs-9vj5-27hk
3
vulnerability VCID-1sfk-z8py-ykb8
4
vulnerability VCID-28fn-ncj5-2ufk
5
vulnerability VCID-2rhr-8vaz-hqfj
6
vulnerability VCID-2rmv-a83x-9ka8
7
vulnerability VCID-39vn-73mc-jqav
8
vulnerability VCID-3k2k-a3gb-n3ba
9
vulnerability VCID-3ugj-6m1e-e3hr
10
vulnerability VCID-3ye6-vqje-abh4
11
vulnerability VCID-4an7-9ph4-mkd4
12
vulnerability VCID-4eym-e6vt-8fbs
13
vulnerability VCID-4jck-w9ct-budk
14
vulnerability VCID-5k47-9k7t-rqak
15
vulnerability VCID-66kh-c1dm-8fbf
16
vulnerability VCID-6mnf-2fcw-dqgp
17
vulnerability VCID-7ch1-q9f4-a7bt
18
vulnerability VCID-7m6u-k5tp-gkhy
19
vulnerability VCID-7xv1-78u7-xufp
20
vulnerability VCID-848u-w88s-5bbe
21
vulnerability VCID-8w4e-d49b-nbg8
22
vulnerability VCID-94r9-hh4g-jkej
23
vulnerability VCID-953t-q1cr-zyd6
24
vulnerability VCID-9adx-p876-kyb5
25
vulnerability VCID-9yu1-z7c2-t3fj
26
vulnerability VCID-a1g9-pyz5-9fca
27
vulnerability VCID-abjx-8v46-d7d8
28
vulnerability VCID-am6s-67bm-77dr
29
vulnerability VCID-bbh5-rss8-bfct
30
vulnerability VCID-bcbd-zzet-mff6
31
vulnerability VCID-buj5-2t53-3kcr
32
vulnerability VCID-cbmm-1b2k-8qaz
33
vulnerability VCID-cvk2-93hm-gkhx
34
vulnerability VCID-dsqm-9q3e-dudw
35
vulnerability VCID-e6zr-4bgg-kkh5
36
vulnerability VCID-emqq-kwjg-3kfk
37
vulnerability VCID-ev4k-5k1d-2bhu
38
vulnerability VCID-f319-jpf5-hyex
39
vulnerability VCID-f4n7-q72x-3yea
40
vulnerability VCID-fpa2-ffg1-fyaa
41
vulnerability VCID-fqkc-utex-3kav
42
vulnerability VCID-fqkx-v8t5-q3h6
43
vulnerability VCID-fut7-bb1f-37g7
44
vulnerability VCID-gpv4-4tpd-tbaa
45
vulnerability VCID-hknp-f88a-kqec
46
vulnerability VCID-hp99-ncuh-6ugv
47
vulnerability VCID-hsw8-nbs6-auaa
48
vulnerability VCID-j8hk-bqnb-gycp
49
vulnerability VCID-je4q-svfw-hqda
50
vulnerability VCID-jp1p-rfxa-hyd9
51
vulnerability VCID-jq5y-7h9g-mufa
52
vulnerability VCID-jwb1-3sbg-kfa5
53
vulnerability VCID-k5t3-28es-h3ez
54
vulnerability VCID-khpm-e1xb-hydb
55
vulnerability VCID-n1gz-y615-cbbk
56
vulnerability VCID-njsj-bwjq-fyap
57
vulnerability VCID-nney-azbc-pucg
58
vulnerability VCID-p576-w7dd-p3h7
59
vulnerability VCID-p7gd-anw2-1qbz
60
vulnerability VCID-pmvp-twk2-jqe4
61
vulnerability VCID-q2t1-kx56-s3c3
62
vulnerability VCID-q7vt-19eb-sqeq
63
vulnerability VCID-qcnh-z4zh-myaw
64
vulnerability VCID-qdxh-arxx-wbcr
65
vulnerability VCID-qv14-m93d-jyd9
66
vulnerability VCID-qxab-9uwr-yqhv
67
vulnerability VCID-rqrw-t2kj-mud8
68
vulnerability VCID-ru6w-m6q6-27gn
69
vulnerability VCID-sdjb-gp4t-vbgt
70
vulnerability VCID-sdsa-mh76-kqch
71
vulnerability VCID-teby-zvvw-zkhv
72
vulnerability VCID-tgyt-axv1-c7ag
73
vulnerability VCID-tzpj-j3x1-ekgk
74
vulnerability VCID-u259-2sxq-tbct
75
vulnerability VCID-u6as-cwxc-pkhk
76
vulnerability VCID-un7r-8sah-33cr
77
vulnerability VCID-uq77-aax5-k7d8
78
vulnerability VCID-vq15-t92r-5bhx
79
vulnerability VCID-vw2r-g8yy-eyf4
80
vulnerability VCID-w1wb-mq2y-dfca
81
vulnerability VCID-w7z1-aw31-vugx
82
vulnerability VCID-wat8-4m83-hken
83
vulnerability VCID-x5x1-w7yv-eye9
84
vulnerability VCID-xvyu-2hb8-8ufh
85
vulnerability VCID-xw1s-93bu-wuh9
86
vulnerability VCID-y7ds-p5r2-yuhq
87
vulnerability VCID-yh6b-tc4u-v3bk
88
vulnerability VCID-yz6t-ge1y-qfgr
89
vulnerability VCID-zeut-9wfp-q7et
90
vulnerability VCID-zgfw-pk39-gyg8
91
vulnerability VCID-zkvq-bms4-gfcv
92
vulnerability VCID-zmwv-gwq3-fkej
93
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.0.0
aliases GMS-2019-174
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bn3p-39sv-6fdg
11
url VCID-dsqm-9q3e-dudw
vulnerability_id VCID-dsqm-9q3e-dudw
summary 
Uncontrolled Resource Consumption
Denial of Service in Online Media Asset Handling.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2018-011/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2018-011/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.21
purl pkg:composer/typo3/cms@8.7.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-4eym-e6vt-8fbs
3
vulnerability VCID-7m6u-k5tp-gkhy
4
vulnerability VCID-848u-w88s-5bbe
5
vulnerability VCID-am6s-67bm-77dr
6
vulnerability VCID-bn3p-39sv-6fdg
7
vulnerability VCID-ev4k-5k1d-2bhu
8
vulnerability VCID-fqkx-v8t5-q3h6
9
vulnerability VCID-fut7-bb1f-37g7
10
vulnerability VCID-j8hk-bqnb-gycp
11
vulnerability VCID-jp1p-rfxa-hyd9
12
vulnerability VCID-k5t3-28es-h3ez
13
vulnerability VCID-khpm-e1xb-hydb
14
vulnerability VCID-nney-azbc-pucg
15
vulnerability VCID-p7gd-anw2-1qbz
16
vulnerability VCID-pmvp-twk2-jqe4
17
vulnerability VCID-qv14-m93d-jyd9
18
vulnerability VCID-rqrw-t2kj-mud8
19
vulnerability VCID-ru6w-m6q6-27gn
20
vulnerability VCID-sdjb-gp4t-vbgt
21
vulnerability VCID-sdsa-mh76-kqch
22
vulnerability VCID-tgyt-axv1-c7ag
23
vulnerability VCID-u259-2sxq-tbct
24
vulnerability VCID-uq77-aax5-k7d8
25
vulnerability VCID-vw2r-g8yy-eyf4
26
vulnerability VCID-x5x1-w7yv-eye9
27
vulnerability VCID-xw1s-93bu-wuh9
28
vulnerability VCID-y7ds-p5r2-yuhq
29
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21
1
url pkg:composer/typo3/cms@9.5.2
purl pkg:composer/typo3/cms@9.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-3ye6-vqje-abh4
4
vulnerability VCID-4an7-9ph4-mkd4
5
vulnerability VCID-4eym-e6vt-8fbs
6
vulnerability VCID-4jck-w9ct-budk
7
vulnerability VCID-6mnf-2fcw-dqgp
8
vulnerability VCID-7m6u-k5tp-gkhy
9
vulnerability VCID-7xv1-78u7-xufp
10
vulnerability VCID-848u-w88s-5bbe
11
vulnerability VCID-8w4e-d49b-nbg8
12
vulnerability VCID-9adx-p876-kyb5
13
vulnerability VCID-a1g9-pyz5-9fca
14
vulnerability VCID-am6s-67bm-77dr
15
vulnerability VCID-bbh5-rss8-bfct
16
vulnerability VCID-cvk2-93hm-gkhx
17
vulnerability VCID-e6zr-4bgg-kkh5
18
vulnerability VCID-ev4k-5k1d-2bhu
19
vulnerability VCID-fqkx-v8t5-q3h6
20
vulnerability VCID-fut7-bb1f-37g7
21
vulnerability VCID-j8hk-bqnb-gycp
22
vulnerability VCID-jp1p-rfxa-hyd9
23
vulnerability VCID-k5t3-28es-h3ez
24
vulnerability VCID-khpm-e1xb-hydb
25
vulnerability VCID-n1gz-y615-cbbk
26
vulnerability VCID-nney-azbc-pucg
27
vulnerability VCID-p7gd-anw2-1qbz
28
vulnerability VCID-pmvp-twk2-jqe4
29
vulnerability VCID-qv14-m93d-jyd9
30
vulnerability VCID-rqrw-t2kj-mud8
31
vulnerability VCID-ru6w-m6q6-27gn
32
vulnerability VCID-sdjb-gp4t-vbgt
33
vulnerability VCID-sdsa-mh76-kqch
34
vulnerability VCID-tgyt-axv1-c7ag
35
vulnerability VCID-u259-2sxq-tbct
36
vulnerability VCID-uq77-aax5-k7d8
37
vulnerability VCID-vw2r-g8yy-eyf4
38
vulnerability VCID-x5x1-w7yv-eye9
39
vulnerability VCID-xw1s-93bu-wuh9
40
vulnerability VCID-y7ds-p5r2-yuhq
41
vulnerability VCID-zeut-9wfp-q7et
42
vulnerability VCID-zkvq-bms4-gfcv
43
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2
aliases GMS-2018-102
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dsqm-9q3e-dudw
12
url VCID-emqq-kwjg-3kfk
vulnerability_id VCID-emqq-kwjg-3kfk
summary 
Cross-site Scripting
Cross-Site Scripting in CKEditor.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2018-005/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2018-005/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.21
purl pkg:composer/typo3/cms@8.7.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-4eym-e6vt-8fbs
3
vulnerability VCID-7m6u-k5tp-gkhy
4
vulnerability VCID-848u-w88s-5bbe
5
vulnerability VCID-am6s-67bm-77dr
6
vulnerability VCID-bn3p-39sv-6fdg
7
vulnerability VCID-ev4k-5k1d-2bhu
8
vulnerability VCID-fqkx-v8t5-q3h6
9
vulnerability VCID-fut7-bb1f-37g7
10
vulnerability VCID-j8hk-bqnb-gycp
11
vulnerability VCID-jp1p-rfxa-hyd9
12
vulnerability VCID-k5t3-28es-h3ez
13
vulnerability VCID-khpm-e1xb-hydb
14
vulnerability VCID-nney-azbc-pucg
15
vulnerability VCID-p7gd-anw2-1qbz
16
vulnerability VCID-pmvp-twk2-jqe4
17
vulnerability VCID-qv14-m93d-jyd9
18
vulnerability VCID-rqrw-t2kj-mud8
19
vulnerability VCID-ru6w-m6q6-27gn
20
vulnerability VCID-sdjb-gp4t-vbgt
21
vulnerability VCID-sdsa-mh76-kqch
22
vulnerability VCID-tgyt-axv1-c7ag
23
vulnerability VCID-u259-2sxq-tbct
24
vulnerability VCID-uq77-aax5-k7d8
25
vulnerability VCID-vw2r-g8yy-eyf4
26
vulnerability VCID-x5x1-w7yv-eye9
27
vulnerability VCID-xw1s-93bu-wuh9
28
vulnerability VCID-y7ds-p5r2-yuhq
29
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21
1
url pkg:composer/typo3/cms@9.5.2
purl pkg:composer/typo3/cms@9.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-3ye6-vqje-abh4
4
vulnerability VCID-4an7-9ph4-mkd4
5
vulnerability VCID-4eym-e6vt-8fbs
6
vulnerability VCID-4jck-w9ct-budk
7
vulnerability VCID-6mnf-2fcw-dqgp
8
vulnerability VCID-7m6u-k5tp-gkhy
9
vulnerability VCID-7xv1-78u7-xufp
10
vulnerability VCID-848u-w88s-5bbe
11
vulnerability VCID-8w4e-d49b-nbg8
12
vulnerability VCID-9adx-p876-kyb5
13
vulnerability VCID-a1g9-pyz5-9fca
14
vulnerability VCID-am6s-67bm-77dr
15
vulnerability VCID-bbh5-rss8-bfct
16
vulnerability VCID-cvk2-93hm-gkhx
17
vulnerability VCID-e6zr-4bgg-kkh5
18
vulnerability VCID-ev4k-5k1d-2bhu
19
vulnerability VCID-fqkx-v8t5-q3h6
20
vulnerability VCID-fut7-bb1f-37g7
21
vulnerability VCID-j8hk-bqnb-gycp
22
vulnerability VCID-jp1p-rfxa-hyd9
23
vulnerability VCID-k5t3-28es-h3ez
24
vulnerability VCID-khpm-e1xb-hydb
25
vulnerability VCID-n1gz-y615-cbbk
26
vulnerability VCID-nney-azbc-pucg
27
vulnerability VCID-p7gd-anw2-1qbz
28
vulnerability VCID-pmvp-twk2-jqe4
29
vulnerability VCID-qv14-m93d-jyd9
30
vulnerability VCID-rqrw-t2kj-mud8
31
vulnerability VCID-ru6w-m6q6-27gn
32
vulnerability VCID-sdjb-gp4t-vbgt
33
vulnerability VCID-sdsa-mh76-kqch
34
vulnerability VCID-tgyt-axv1-c7ag
35
vulnerability VCID-u259-2sxq-tbct
36
vulnerability VCID-uq77-aax5-k7d8
37
vulnerability VCID-vw2r-g8yy-eyf4
38
vulnerability VCID-x5x1-w7yv-eye9
39
vulnerability VCID-xw1s-93bu-wuh9
40
vulnerability VCID-y7ds-p5r2-yuhq
41
vulnerability VCID-zeut-9wfp-q7et
42
vulnerability VCID-zkvq-bms4-gfcv
43
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2
aliases GMS-2018-104
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-emqq-kwjg-3kfk
13
url VCID-ev4k-5k1d-2bhu
vulnerability_id VCID-ev4k-5k1d-2bhu
summary 
URL Redirection to Untrusted Site (Open Redirect)
Login Handling is susceptible to open redirection which allows attackers redirecting to arbitrary content, and conducting phishing attacks. No authentication is required in order to exploit this vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21338
reference_id
reference_type
scores
0
value 0.00253
scoring_system epss
scoring_elements 0.48835
published_at 2026-06-05T12:55:00Z
1
value 0.00253
scoring_system epss
scoring_elements 0.48774
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21338
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21338.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21338.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21338.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21338.yaml
3
reference_url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp
4
reference_url https://packagist.org/packages/typo3/cms-core
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://packagist.org/packages/typo3/cms-core
5
reference_url https://typo3.org/security/advisory/typo3-core-sa-2021-001
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2021-001
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-21338
reference_id CVE-2021-21338
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-21338
fixed_packages
0
url pkg:composer/typo3/cms@8.7.40
purl pkg:composer/typo3/cms@8.7.40
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j8hk-bqnb-gycp
1
vulnerability VCID-sdjb-gp4t-vbgt
2
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.40
1
url pkg:composer/typo3/cms@9.5.25
purl pkg:composer/typo3/cms@9.5.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
1
vulnerability VCID-a1g9-pyz5-9fca
2
vulnerability VCID-j8hk-bqnb-gycp
3
vulnerability VCID-sdjb-gp4t-vbgt
4
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.25
2
url pkg:composer/typo3/cms@10.4.14
purl pkg:composer/typo3/cms@10.4.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
1
vulnerability VCID-a1g9-pyz5-9fca
2
vulnerability VCID-j8hk-bqnb-gycp
3
vulnerability VCID-sdjb-gp4t-vbgt
4
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.14
3
url pkg:composer/typo3/cms@11.1.1
purl pkg:composer/typo3/cms@11.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
1
vulnerability VCID-a1g9-pyz5-9fca
2
vulnerability VCID-fsx8-7qjz-2ubw
3
vulnerability VCID-j8hk-bqnb-gycp
4
vulnerability VCID-sdjb-gp4t-vbgt
5
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.1.1
aliases CVE-2021-21338, GHSA-4jhw-2p6j-5wmp
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ev4k-5k1d-2bhu
14
url VCID-fdnw-2tz5-4fdr
vulnerability_id VCID-fdnw-2tz5-4fdr
summary 
Uncontrolled Resource Consumption
Denial of Service in Frontend Record Registration.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2018-012/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2018-012/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.21
purl pkg:composer/typo3/cms@8.7.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-4eym-e6vt-8fbs
3
vulnerability VCID-7m6u-k5tp-gkhy
4
vulnerability VCID-848u-w88s-5bbe
5
vulnerability VCID-am6s-67bm-77dr
6
vulnerability VCID-bn3p-39sv-6fdg
7
vulnerability VCID-ev4k-5k1d-2bhu
8
vulnerability VCID-fqkx-v8t5-q3h6
9
vulnerability VCID-fut7-bb1f-37g7
10
vulnerability VCID-j8hk-bqnb-gycp
11
vulnerability VCID-jp1p-rfxa-hyd9
12
vulnerability VCID-k5t3-28es-h3ez
13
vulnerability VCID-khpm-e1xb-hydb
14
vulnerability VCID-nney-azbc-pucg
15
vulnerability VCID-p7gd-anw2-1qbz
16
vulnerability VCID-pmvp-twk2-jqe4
17
vulnerability VCID-qv14-m93d-jyd9
18
vulnerability VCID-rqrw-t2kj-mud8
19
vulnerability VCID-ru6w-m6q6-27gn
20
vulnerability VCID-sdjb-gp4t-vbgt
21
vulnerability VCID-sdsa-mh76-kqch
22
vulnerability VCID-tgyt-axv1-c7ag
23
vulnerability VCID-u259-2sxq-tbct
24
vulnerability VCID-uq77-aax5-k7d8
25
vulnerability VCID-vw2r-g8yy-eyf4
26
vulnerability VCID-x5x1-w7yv-eye9
27
vulnerability VCID-xw1s-93bu-wuh9
28
vulnerability VCID-y7ds-p5r2-yuhq
29
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21
1
url pkg:composer/typo3/cms@9.0.0
purl pkg:composer/typo3/cms@9.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sw-6x9k-vued
1
vulnerability VCID-11u3-8xzy-jfhh
2
vulnerability VCID-1ffs-9vj5-27hk
3
vulnerability VCID-1sfk-z8py-ykb8
4
vulnerability VCID-28fn-ncj5-2ufk
5
vulnerability VCID-2rhr-8vaz-hqfj
6
vulnerability VCID-2rmv-a83x-9ka8
7
vulnerability VCID-39vn-73mc-jqav
8
vulnerability VCID-3k2k-a3gb-n3ba
9
vulnerability VCID-3ugj-6m1e-e3hr
10
vulnerability VCID-3ye6-vqje-abh4
11
vulnerability VCID-4an7-9ph4-mkd4
12
vulnerability VCID-4eym-e6vt-8fbs
13
vulnerability VCID-4jck-w9ct-budk
14
vulnerability VCID-5k47-9k7t-rqak
15
vulnerability VCID-66kh-c1dm-8fbf
16
vulnerability VCID-6mnf-2fcw-dqgp
17
vulnerability VCID-7ch1-q9f4-a7bt
18
vulnerability VCID-7m6u-k5tp-gkhy
19
vulnerability VCID-7xv1-78u7-xufp
20
vulnerability VCID-848u-w88s-5bbe
21
vulnerability VCID-8w4e-d49b-nbg8
22
vulnerability VCID-94r9-hh4g-jkej
23
vulnerability VCID-953t-q1cr-zyd6
24
vulnerability VCID-9adx-p876-kyb5
25
vulnerability VCID-9yu1-z7c2-t3fj
26
vulnerability VCID-a1g9-pyz5-9fca
27
vulnerability VCID-abjx-8v46-d7d8
28
vulnerability VCID-am6s-67bm-77dr
29
vulnerability VCID-bbh5-rss8-bfct
30
vulnerability VCID-bcbd-zzet-mff6
31
vulnerability VCID-buj5-2t53-3kcr
32
vulnerability VCID-cbmm-1b2k-8qaz
33
vulnerability VCID-cvk2-93hm-gkhx
34
vulnerability VCID-dsqm-9q3e-dudw
35
vulnerability VCID-e6zr-4bgg-kkh5
36
vulnerability VCID-emqq-kwjg-3kfk
37
vulnerability VCID-ev4k-5k1d-2bhu
38
vulnerability VCID-f319-jpf5-hyex
39
vulnerability VCID-f4n7-q72x-3yea
40
vulnerability VCID-fpa2-ffg1-fyaa
41
vulnerability VCID-fqkc-utex-3kav
42
vulnerability VCID-fqkx-v8t5-q3h6
43
vulnerability VCID-fut7-bb1f-37g7
44
vulnerability VCID-gpv4-4tpd-tbaa
45
vulnerability VCID-hknp-f88a-kqec
46
vulnerability VCID-hp99-ncuh-6ugv
47
vulnerability VCID-hsw8-nbs6-auaa
48
vulnerability VCID-j8hk-bqnb-gycp
49
vulnerability VCID-je4q-svfw-hqda
50
vulnerability VCID-jp1p-rfxa-hyd9
51
vulnerability VCID-jq5y-7h9g-mufa
52
vulnerability VCID-jwb1-3sbg-kfa5
53
vulnerability VCID-k5t3-28es-h3ez
54
vulnerability VCID-khpm-e1xb-hydb
55
vulnerability VCID-n1gz-y615-cbbk
56
vulnerability VCID-njsj-bwjq-fyap
57
vulnerability VCID-nney-azbc-pucg
58
vulnerability VCID-p576-w7dd-p3h7
59
vulnerability VCID-p7gd-anw2-1qbz
60
vulnerability VCID-pmvp-twk2-jqe4
61
vulnerability VCID-q2t1-kx56-s3c3
62
vulnerability VCID-q7vt-19eb-sqeq
63
vulnerability VCID-qcnh-z4zh-myaw
64
vulnerability VCID-qdxh-arxx-wbcr
65
vulnerability VCID-qv14-m93d-jyd9
66
vulnerability VCID-qxab-9uwr-yqhv
67
vulnerability VCID-rqrw-t2kj-mud8
68
vulnerability VCID-ru6w-m6q6-27gn
69
vulnerability VCID-sdjb-gp4t-vbgt
70
vulnerability VCID-sdsa-mh76-kqch
71
vulnerability VCID-teby-zvvw-zkhv
72
vulnerability VCID-tgyt-axv1-c7ag
73
vulnerability VCID-tzpj-j3x1-ekgk
74
vulnerability VCID-u259-2sxq-tbct
75
vulnerability VCID-u6as-cwxc-pkhk
76
vulnerability VCID-un7r-8sah-33cr
77
vulnerability VCID-uq77-aax5-k7d8
78
vulnerability VCID-vq15-t92r-5bhx
79
vulnerability VCID-vw2r-g8yy-eyf4
80
vulnerability VCID-w1wb-mq2y-dfca
81
vulnerability VCID-w7z1-aw31-vugx
82
vulnerability VCID-wat8-4m83-hken
83
vulnerability VCID-x5x1-w7yv-eye9
84
vulnerability VCID-xvyu-2hb8-8ufh
85
vulnerability VCID-xw1s-93bu-wuh9
86
vulnerability VCID-y7ds-p5r2-yuhq
87
vulnerability VCID-yh6b-tc4u-v3bk
88
vulnerability VCID-yz6t-ge1y-qfgr
89
vulnerability VCID-zeut-9wfp-q7et
90
vulnerability VCID-zgfw-pk39-gyg8
91
vulnerability VCID-zkvq-bms4-gfcv
92
vulnerability VCID-zmwv-gwq3-fkej
93
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.0.0
aliases GMS-2018-103
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fdnw-2tz5-4fdr
15
url VCID-fqkx-v8t5-q3h6
vulnerability_id VCID-fqkx-v8t5-q3h6
summary 
Cleartext Storage of Sensitive Information
User session identifiers are stored in cleartext - without processing of additional cryptographic hashing algorithms. This vulnerability cannot be exploited directly and occurs in combination with a chained attack - for example SQL injection in any other component of the system.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21339
reference_id
reference_type
scores
0
value 0.00132
scoring_system epss
scoring_elements 0.32296
published_at 2026-06-05T12:55:00Z
1
value 0.00132
scoring_system epss
scoring_elements 0.32224
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21339
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21339.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21339.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21339.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21339.yaml
3
reference_url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch
4
reference_url https://packagist.org/packages/typo3/cms-core
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://packagist.org/packages/typo3/cms-core
5
reference_url https://typo3.org/security/advisory/typo3-core-sa-2021-006
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2021-006
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-21339
reference_id CVE-2021-21339
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-21339
fixed_packages
0
url pkg:composer/typo3/cms@8.7.40
purl pkg:composer/typo3/cms@8.7.40
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j8hk-bqnb-gycp
1
vulnerability VCID-sdjb-gp4t-vbgt
2
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.40
1
url pkg:composer/typo3/cms@9.5.25
purl pkg:composer/typo3/cms@9.5.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
1
vulnerability VCID-a1g9-pyz5-9fca
2
vulnerability VCID-j8hk-bqnb-gycp
3
vulnerability VCID-sdjb-gp4t-vbgt
4
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.25
2
url pkg:composer/typo3/cms@10.4.14
purl pkg:composer/typo3/cms@10.4.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
1
vulnerability VCID-a1g9-pyz5-9fca
2
vulnerability VCID-j8hk-bqnb-gycp
3
vulnerability VCID-sdjb-gp4t-vbgt
4
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.14
3
url pkg:composer/typo3/cms@11.1.1
purl pkg:composer/typo3/cms@11.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
1
vulnerability VCID-a1g9-pyz5-9fca
2
vulnerability VCID-fsx8-7qjz-2ubw
3
vulnerability VCID-j8hk-bqnb-gycp
4
vulnerability VCID-sdjb-gp4t-vbgt
5
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.1.1
aliases CVE-2021-21339, GHSA-qx3w-4864-94ch
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fqkx-v8t5-q3h6
16
url VCID-fut7-bb1f-37g7
vulnerability_id VCID-fut7-bb1f-37g7
summary 
Cross-site Scripting
Cross-Site Scripting in Link Handling.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-015/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-015/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.27
purl pkg:composer/typo3/cms@8.7.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-848u-w88s-5bbe
3
vulnerability VCID-ev4k-5k1d-2bhu
4
vulnerability VCID-fqkx-v8t5-q3h6
5
vulnerability VCID-j8hk-bqnb-gycp
6
vulnerability VCID-jp1p-rfxa-hyd9
7
vulnerability VCID-p7gd-anw2-1qbz
8
vulnerability VCID-rqrw-t2kj-mud8
9
vulnerability VCID-sdjb-gp4t-vbgt
10
vulnerability VCID-tgyt-axv1-c7ag
11
vulnerability VCID-uq77-aax5-k7d8
12
vulnerability VCID-xw1s-93bu-wuh9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.27
1
url pkg:composer/typo3/cms@9.5.8
purl pkg:composer/typo3/cms@9.5.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-4an7-9ph4-mkd4
4
vulnerability VCID-6mnf-2fcw-dqgp
5
vulnerability VCID-848u-w88s-5bbe
6
vulnerability VCID-8w4e-d49b-nbg8
7
vulnerability VCID-a1g9-pyz5-9fca
8
vulnerability VCID-bbh5-rss8-bfct
9
vulnerability VCID-e6zr-4bgg-kkh5
10
vulnerability VCID-ev4k-5k1d-2bhu
11
vulnerability VCID-fqkx-v8t5-q3h6
12
vulnerability VCID-j8hk-bqnb-gycp
13
vulnerability VCID-jp1p-rfxa-hyd9
14
vulnerability VCID-n1gz-y615-cbbk
15
vulnerability VCID-p7gd-anw2-1qbz
16
vulnerability VCID-rqrw-t2kj-mud8
17
vulnerability VCID-sdjb-gp4t-vbgt
18
vulnerability VCID-tgyt-axv1-c7ag
19
vulnerability VCID-uq77-aax5-k7d8
20
vulnerability VCID-xw1s-93bu-wuh9
21
vulnerability VCID-zkvq-bms4-gfcv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.8
aliases GMS-2019-186
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fut7-bb1f-37g7
17
url VCID-hp99-ncuh-6ugv
vulnerability_id VCID-hp99-ncuh-6ugv
summary 
Cross-site Scripting
Cross-Site Scripting in Frontend User Login.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2018-008/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2018-008/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.21
purl pkg:composer/typo3/cms@8.7.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-4eym-e6vt-8fbs
3
vulnerability VCID-7m6u-k5tp-gkhy
4
vulnerability VCID-848u-w88s-5bbe
5
vulnerability VCID-am6s-67bm-77dr
6
vulnerability VCID-bn3p-39sv-6fdg
7
vulnerability VCID-ev4k-5k1d-2bhu
8
vulnerability VCID-fqkx-v8t5-q3h6
9
vulnerability VCID-fut7-bb1f-37g7
10
vulnerability VCID-j8hk-bqnb-gycp
11
vulnerability VCID-jp1p-rfxa-hyd9
12
vulnerability VCID-k5t3-28es-h3ez
13
vulnerability VCID-khpm-e1xb-hydb
14
vulnerability VCID-nney-azbc-pucg
15
vulnerability VCID-p7gd-anw2-1qbz
16
vulnerability VCID-pmvp-twk2-jqe4
17
vulnerability VCID-qv14-m93d-jyd9
18
vulnerability VCID-rqrw-t2kj-mud8
19
vulnerability VCID-ru6w-m6q6-27gn
20
vulnerability VCID-sdjb-gp4t-vbgt
21
vulnerability VCID-sdsa-mh76-kqch
22
vulnerability VCID-tgyt-axv1-c7ag
23
vulnerability VCID-u259-2sxq-tbct
24
vulnerability VCID-uq77-aax5-k7d8
25
vulnerability VCID-vw2r-g8yy-eyf4
26
vulnerability VCID-x5x1-w7yv-eye9
27
vulnerability VCID-xw1s-93bu-wuh9
28
vulnerability VCID-y7ds-p5r2-yuhq
29
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21
1
url pkg:composer/typo3/cms@9.5.2
purl pkg:composer/typo3/cms@9.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-3ye6-vqje-abh4
4
vulnerability VCID-4an7-9ph4-mkd4
5
vulnerability VCID-4eym-e6vt-8fbs
6
vulnerability VCID-4jck-w9ct-budk
7
vulnerability VCID-6mnf-2fcw-dqgp
8
vulnerability VCID-7m6u-k5tp-gkhy
9
vulnerability VCID-7xv1-78u7-xufp
10
vulnerability VCID-848u-w88s-5bbe
11
vulnerability VCID-8w4e-d49b-nbg8
12
vulnerability VCID-9adx-p876-kyb5
13
vulnerability VCID-a1g9-pyz5-9fca
14
vulnerability VCID-am6s-67bm-77dr
15
vulnerability VCID-bbh5-rss8-bfct
16
vulnerability VCID-cvk2-93hm-gkhx
17
vulnerability VCID-e6zr-4bgg-kkh5
18
vulnerability VCID-ev4k-5k1d-2bhu
19
vulnerability VCID-fqkx-v8t5-q3h6
20
vulnerability VCID-fut7-bb1f-37g7
21
vulnerability VCID-j8hk-bqnb-gycp
22
vulnerability VCID-jp1p-rfxa-hyd9
23
vulnerability VCID-k5t3-28es-h3ez
24
vulnerability VCID-khpm-e1xb-hydb
25
vulnerability VCID-n1gz-y615-cbbk
26
vulnerability VCID-nney-azbc-pucg
27
vulnerability VCID-p7gd-anw2-1qbz
28
vulnerability VCID-pmvp-twk2-jqe4
29
vulnerability VCID-qv14-m93d-jyd9
30
vulnerability VCID-rqrw-t2kj-mud8
31
vulnerability VCID-ru6w-m6q6-27gn
32
vulnerability VCID-sdjb-gp4t-vbgt
33
vulnerability VCID-sdsa-mh76-kqch
34
vulnerability VCID-tgyt-axv1-c7ag
35
vulnerability VCID-u259-2sxq-tbct
36
vulnerability VCID-uq77-aax5-k7d8
37
vulnerability VCID-vw2r-g8yy-eyf4
38
vulnerability VCID-x5x1-w7yv-eye9
39
vulnerability VCID-xw1s-93bu-wuh9
40
vulnerability VCID-y7ds-p5r2-yuhq
41
vulnerability VCID-zeut-9wfp-q7et
42
vulnerability VCID-zkvq-bms4-gfcv
43
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2
aliases GMS-2018-99
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hp99-ncuh-6ugv
18
url VCID-j8hk-bqnb-gycp
vulnerability_id VCID-j8hk-bqnb-gycp
summary 
Cross-site Scripting
TYPO3 contains a cross-site scripting vulnerability. When error messages are not properly encoded, the components `_QueryGenerator_` and `_QueryView_` are vulnerable to both reflected and persistent cross-site scripting. A valid backend user account having administrator privileges is needed to exploit this vulnerability. TYPO3 contain a patch for this issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-32668
reference_id
reference_type
scores
0
value 0.00364
scoring_system epss
scoring_elements 0.58727
published_at 2026-06-04T12:55:00Z
1
value 0.00364
scoring_system epss
scoring_elements 0.58774
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-32668
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32668.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32668.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32668.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32668.yaml
3
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
4
reference_url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-6mh3-j5r5-2379
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-6mh3-j5r5-2379
5
reference_url https://github.com/TYPO3/typo3/security/advisories/GHSA-6mh3-j5r5-2379
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/security/advisories/GHSA-6mh3-j5r5-2379
6
reference_url https://typo3.org/security/advisory/typo3-core-sa-2021-010
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2021-010
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-32668
reference_id CVE-2021-32668
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-32668
fixed_packages
0
url pkg:composer/typo3/cms@9.5.28
purl pkg:composer/typo3/cms@9.5.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
1
vulnerability VCID-j8hk-bqnb-gycp
2
vulnerability VCID-sdjb-gp4t-vbgt
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.28
1
url pkg:composer/typo3/cms@10.4.18
purl pkg:composer/typo3/cms@10.4.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.18
2
url pkg:composer/typo3/cms@11.3.1
purl pkg:composer/typo3/cms@11.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
1
vulnerability VCID-b9sw-6tzm-3yhj
2
vulnerability VCID-fsx8-7qjz-2ubw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.3.1
aliases CVE-2021-32668, GHSA-6mh3-j5r5-2379
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j8hk-bqnb-gycp
19
url VCID-je4q-svfw-hqda
vulnerability_id VCID-je4q-svfw-hqda
summary Insecure Deserialization in TYPO3 CMS.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2018-004/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2018-004/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.17
purl pkg:composer/typo3/cms@8.7.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-3ugj-6m1e-e3hr
3
vulnerability VCID-4eym-e6vt-8fbs
4
vulnerability VCID-7ch1-q9f4-a7bt
5
vulnerability VCID-7m6u-k5tp-gkhy
6
vulnerability VCID-848u-w88s-5bbe
7
vulnerability VCID-953t-q1cr-zyd6
8
vulnerability VCID-am6s-67bm-77dr
9
vulnerability VCID-bn3p-39sv-6fdg
10
vulnerability VCID-dsqm-9q3e-dudw
11
vulnerability VCID-emqq-kwjg-3kfk
12
vulnerability VCID-ev4k-5k1d-2bhu
13
vulnerability VCID-fdnw-2tz5-4fdr
14
vulnerability VCID-fqkx-v8t5-q3h6
15
vulnerability VCID-fut7-bb1f-37g7
16
vulnerability VCID-hp99-ncuh-6ugv
17
vulnerability VCID-j8hk-bqnb-gycp
18
vulnerability VCID-jp1p-rfxa-hyd9
19
vulnerability VCID-jq5y-7h9g-mufa
20
vulnerability VCID-k5t3-28es-h3ez
21
vulnerability VCID-khpm-e1xb-hydb
22
vulnerability VCID-nney-azbc-pucg
23
vulnerability VCID-p7gd-anw2-1qbz
24
vulnerability VCID-pmvp-twk2-jqe4
25
vulnerability VCID-qv14-m93d-jyd9
26
vulnerability VCID-qxab-9uwr-yqhv
27
vulnerability VCID-rqrw-t2kj-mud8
28
vulnerability VCID-ru6w-m6q6-27gn
29
vulnerability VCID-sdjb-gp4t-vbgt
30
vulnerability VCID-sdsa-mh76-kqch
31
vulnerability VCID-tgyt-axv1-c7ag
32
vulnerability VCID-u259-2sxq-tbct
33
vulnerability VCID-uq77-aax5-k7d8
34
vulnerability VCID-vw2r-g8yy-eyf4
35
vulnerability VCID-x5x1-w7yv-eye9
36
vulnerability VCID-xw1s-93bu-wuh9
37
vulnerability VCID-y7ds-p5r2-yuhq
38
vulnerability VCID-yz6t-ge1y-qfgr
39
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.17
1
url pkg:composer/typo3/cms@9.3.2
purl pkg:composer/typo3/cms@9.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-3ugj-6m1e-e3hr
4
vulnerability VCID-3ye6-vqje-abh4
5
vulnerability VCID-4an7-9ph4-mkd4
6
vulnerability VCID-4eym-e6vt-8fbs
7
vulnerability VCID-4jck-w9ct-budk
8
vulnerability VCID-6mnf-2fcw-dqgp
9
vulnerability VCID-7ch1-q9f4-a7bt
10
vulnerability VCID-7m6u-k5tp-gkhy
11
vulnerability VCID-7xv1-78u7-xufp
12
vulnerability VCID-848u-w88s-5bbe
13
vulnerability VCID-8w4e-d49b-nbg8
14
vulnerability VCID-953t-q1cr-zyd6
15
vulnerability VCID-9adx-p876-kyb5
16
vulnerability VCID-a1g9-pyz5-9fca
17
vulnerability VCID-am6s-67bm-77dr
18
vulnerability VCID-bbh5-rss8-bfct
19
vulnerability VCID-cvk2-93hm-gkhx
20
vulnerability VCID-dsqm-9q3e-dudw
21
vulnerability VCID-e6zr-4bgg-kkh5
22
vulnerability VCID-emqq-kwjg-3kfk
23
vulnerability VCID-ev4k-5k1d-2bhu
24
vulnerability VCID-fqkx-v8t5-q3h6
25
vulnerability VCID-fut7-bb1f-37g7
26
vulnerability VCID-hp99-ncuh-6ugv
27
vulnerability VCID-j8hk-bqnb-gycp
28
vulnerability VCID-jp1p-rfxa-hyd9
29
vulnerability VCID-jq5y-7h9g-mufa
30
vulnerability VCID-k5t3-28es-h3ez
31
vulnerability VCID-khpm-e1xb-hydb
32
vulnerability VCID-n1gz-y615-cbbk
33
vulnerability VCID-nney-azbc-pucg
34
vulnerability VCID-p7gd-anw2-1qbz
35
vulnerability VCID-pmvp-twk2-jqe4
36
vulnerability VCID-qv14-m93d-jyd9
37
vulnerability VCID-qxab-9uwr-yqhv
38
vulnerability VCID-rqrw-t2kj-mud8
39
vulnerability VCID-ru6w-m6q6-27gn
40
vulnerability VCID-sdjb-gp4t-vbgt
41
vulnerability VCID-sdsa-mh76-kqch
42
vulnerability VCID-tgyt-axv1-c7ag
43
vulnerability VCID-u259-2sxq-tbct
44
vulnerability VCID-uq77-aax5-k7d8
45
vulnerability VCID-vw2r-g8yy-eyf4
46
vulnerability VCID-x5x1-w7yv-eye9
47
vulnerability VCID-xw1s-93bu-wuh9
48
vulnerability VCID-y7ds-p5r2-yuhq
49
vulnerability VCID-yz6t-ge1y-qfgr
50
vulnerability VCID-zeut-9wfp-q7et
51
vulnerability VCID-zkvq-bms4-gfcv
52
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.3.2
aliases GMS-2018-96
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-je4q-svfw-hqda
20
url VCID-jp1p-rfxa-hyd9
vulnerability_id VCID-jp1p-rfxa-hyd9
summary 
Cross-site Scripting
Content elements of type `_menu_` are vulnerable to cross-site scripting when their referenced items get previewed in the page module. A valid backend user account is needed to exploit this vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21370
reference_id
reference_type
scores
0
value 0.00342
scoring_system epss
scoring_elements 0.57164
published_at 2026-06-05T12:55:00Z
1
value 0.00342
scoring_system epss
scoring_elements 0.57112
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21370
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21370.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21370.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21370.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21370.yaml
3
reference_url https://packagist.org/packages/typo3/cms-backend
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://packagist.org/packages/typo3/cms-backend
4
reference_url https://typo3.org/security/advisory/typo3-core-sa-2021-008
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2021-008
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-21370
reference_id CVE-2021-21370
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-21370
6
reference_url https://github.com/advisories/GHSA-x7hc-x7fm-f7qh
reference_id GHSA-x7hc-x7fm-f7qh
reference_type
scores
url https://github.com/advisories/GHSA-x7hc-x7fm-f7qh
7
reference_url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x7hc-x7fm-f7qh
reference_id GHSA-x7hc-x7fm-f7qh
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x7hc-x7fm-f7qh
fixed_packages
0
url pkg:composer/typo3/cms@8.7.40
purl pkg:composer/typo3/cms@8.7.40
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j8hk-bqnb-gycp
1
vulnerability VCID-sdjb-gp4t-vbgt
2
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.40
1
url pkg:composer/typo3/cms@9.5.25
purl pkg:composer/typo3/cms@9.5.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
1
vulnerability VCID-a1g9-pyz5-9fca
2
vulnerability VCID-j8hk-bqnb-gycp
3
vulnerability VCID-sdjb-gp4t-vbgt
4
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.25
2
url pkg:composer/typo3/cms@10.4.14
purl pkg:composer/typo3/cms@10.4.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
1
vulnerability VCID-a1g9-pyz5-9fca
2
vulnerability VCID-j8hk-bqnb-gycp
3
vulnerability VCID-sdjb-gp4t-vbgt
4
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.14
3
url pkg:composer/typo3/cms@11.1.1
purl pkg:composer/typo3/cms@11.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
1
vulnerability VCID-a1g9-pyz5-9fca
2
vulnerability VCID-fsx8-7qjz-2ubw
3
vulnerability VCID-j8hk-bqnb-gycp
4
vulnerability VCID-sdjb-gp4t-vbgt
5
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.1.1
aliases CVE-2021-21370, GHSA-x7hc-x7fm-f7qh
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jp1p-rfxa-hyd9
21
url VCID-jq5y-7h9g-mufa
vulnerability_id VCID-jq5y-7h9g-mufa
summary Information Disclosure in Install Tool.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2018-010/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2018-010/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.21
purl pkg:composer/typo3/cms@8.7.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-4eym-e6vt-8fbs
3
vulnerability VCID-7m6u-k5tp-gkhy
4
vulnerability VCID-848u-w88s-5bbe
5
vulnerability VCID-am6s-67bm-77dr
6
vulnerability VCID-bn3p-39sv-6fdg
7
vulnerability VCID-ev4k-5k1d-2bhu
8
vulnerability VCID-fqkx-v8t5-q3h6
9
vulnerability VCID-fut7-bb1f-37g7
10
vulnerability VCID-j8hk-bqnb-gycp
11
vulnerability VCID-jp1p-rfxa-hyd9
12
vulnerability VCID-k5t3-28es-h3ez
13
vulnerability VCID-khpm-e1xb-hydb
14
vulnerability VCID-nney-azbc-pucg
15
vulnerability VCID-p7gd-anw2-1qbz
16
vulnerability VCID-pmvp-twk2-jqe4
17
vulnerability VCID-qv14-m93d-jyd9
18
vulnerability VCID-rqrw-t2kj-mud8
19
vulnerability VCID-ru6w-m6q6-27gn
20
vulnerability VCID-sdjb-gp4t-vbgt
21
vulnerability VCID-sdsa-mh76-kqch
22
vulnerability VCID-tgyt-axv1-c7ag
23
vulnerability VCID-u259-2sxq-tbct
24
vulnerability VCID-uq77-aax5-k7d8
25
vulnerability VCID-vw2r-g8yy-eyf4
26
vulnerability VCID-x5x1-w7yv-eye9
27
vulnerability VCID-xw1s-93bu-wuh9
28
vulnerability VCID-y7ds-p5r2-yuhq
29
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21
1
url pkg:composer/typo3/cms@9.5.2
purl pkg:composer/typo3/cms@9.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-3ye6-vqje-abh4
4
vulnerability VCID-4an7-9ph4-mkd4
5
vulnerability VCID-4eym-e6vt-8fbs
6
vulnerability VCID-4jck-w9ct-budk
7
vulnerability VCID-6mnf-2fcw-dqgp
8
vulnerability VCID-7m6u-k5tp-gkhy
9
vulnerability VCID-7xv1-78u7-xufp
10
vulnerability VCID-848u-w88s-5bbe
11
vulnerability VCID-8w4e-d49b-nbg8
12
vulnerability VCID-9adx-p876-kyb5
13
vulnerability VCID-a1g9-pyz5-9fca
14
vulnerability VCID-am6s-67bm-77dr
15
vulnerability VCID-bbh5-rss8-bfct
16
vulnerability VCID-cvk2-93hm-gkhx
17
vulnerability VCID-e6zr-4bgg-kkh5
18
vulnerability VCID-ev4k-5k1d-2bhu
19
vulnerability VCID-fqkx-v8t5-q3h6
20
vulnerability VCID-fut7-bb1f-37g7
21
vulnerability VCID-j8hk-bqnb-gycp
22
vulnerability VCID-jp1p-rfxa-hyd9
23
vulnerability VCID-k5t3-28es-h3ez
24
vulnerability VCID-khpm-e1xb-hydb
25
vulnerability VCID-n1gz-y615-cbbk
26
vulnerability VCID-nney-azbc-pucg
27
vulnerability VCID-p7gd-anw2-1qbz
28
vulnerability VCID-pmvp-twk2-jqe4
29
vulnerability VCID-qv14-m93d-jyd9
30
vulnerability VCID-rqrw-t2kj-mud8
31
vulnerability VCID-ru6w-m6q6-27gn
32
vulnerability VCID-sdjb-gp4t-vbgt
33
vulnerability VCID-sdsa-mh76-kqch
34
vulnerability VCID-tgyt-axv1-c7ag
35
vulnerability VCID-u259-2sxq-tbct
36
vulnerability VCID-uq77-aax5-k7d8
37
vulnerability VCID-vw2r-g8yy-eyf4
38
vulnerability VCID-x5x1-w7yv-eye9
39
vulnerability VCID-xw1s-93bu-wuh9
40
vulnerability VCID-y7ds-p5r2-yuhq
41
vulnerability VCID-zeut-9wfp-q7et
42
vulnerability VCID-zkvq-bms4-gfcv
43
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2
aliases GMS-2018-101
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jq5y-7h9g-mufa
22
url VCID-k5t3-28es-h3ez
vulnerability_id VCID-k5t3-28es-h3ez
summary 
Improper Input Validation
TYPO3 allows remote code execution because it does not properly configure the applications used for image processing, as demonstrated by `ImageMagick` or `GraphicsMagick`.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-11832
reference_id
reference_type
scores
0
value 0.00898
scoring_system epss
scoring_elements 0.76028
published_at 2026-06-04T12:55:00Z
1
value 0.00898
scoring_system epss
scoring_elements 0.76053
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-11832
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-11832.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-11832.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-11832.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-11832.yaml
3
reference_url https://github.com/github/advisory-database/pull/3530
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/github/advisory-database/pull/3530
4
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
5
reference_url https://github.com/TYPO3/typo3/commit/2c04eeac44733fda491f92c697f88c1337d19c79
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/2c04eeac44733fda491f92c697f88c1337d19c79
6
reference_url https://github.com/TYPO3/typo3/commit/51fdb774a57ee30e8d60c0e33b4a0b92d775739e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/51fdb774a57ee30e8d60c0e33b4a0b92d775739e
7
reference_url https://github.com/TYPO3/typo3/commit/e845d90b82b2f72ab12a9e37f15082297832beca
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/e845d90b82b2f72ab12a9e37f15082297832beca
8
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-012
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2019-012
9
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-012/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-012/
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-11832
reference_id CVE-2019-11832
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-11832
11
reference_url https://github.com/advisories/GHSA-3w4h-r27h-4r2w
reference_id GHSA-3w4h-r27h-4r2w
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3w4h-r27h-4r2w
fixed_packages
0
url pkg:composer/typo3/cms@8.7.25
purl pkg:composer/typo3/cms@8.7.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-4eym-e6vt-8fbs
3
vulnerability VCID-7m6u-k5tp-gkhy
4
vulnerability VCID-848u-w88s-5bbe
5
vulnerability VCID-cbmm-1b2k-8qaz
6
vulnerability VCID-ev4k-5k1d-2bhu
7
vulnerability VCID-fqkx-v8t5-q3h6
8
vulnerability VCID-fut7-bb1f-37g7
9
vulnerability VCID-j8hk-bqnb-gycp
10
vulnerability VCID-jp1p-rfxa-hyd9
11
vulnerability VCID-nney-azbc-pucg
12
vulnerability VCID-p7gd-anw2-1qbz
13
vulnerability VCID-qv14-m93d-jyd9
14
vulnerability VCID-rqrw-t2kj-mud8
15
vulnerability VCID-sdjb-gp4t-vbgt
16
vulnerability VCID-tgyt-axv1-c7ag
17
vulnerability VCID-uq77-aax5-k7d8
18
vulnerability VCID-xw1s-93bu-wuh9
19
vulnerability VCID-y7ds-p5r2-yuhq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.25
1
url pkg:composer/typo3/cms@9.5.6
purl pkg:composer/typo3/cms@9.5.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-4an7-9ph4-mkd4
4
vulnerability VCID-4eym-e6vt-8fbs
5
vulnerability VCID-6mnf-2fcw-dqgp
6
vulnerability VCID-7m6u-k5tp-gkhy
7
vulnerability VCID-7xv1-78u7-xufp
8
vulnerability VCID-848u-w88s-5bbe
9
vulnerability VCID-8w4e-d49b-nbg8
10
vulnerability VCID-a1g9-pyz5-9fca
11
vulnerability VCID-bbh5-rss8-bfct
12
vulnerability VCID-cbmm-1b2k-8qaz
13
vulnerability VCID-cvk2-93hm-gkhx
14
vulnerability VCID-e6zr-4bgg-kkh5
15
vulnerability VCID-ev4k-5k1d-2bhu
16
vulnerability VCID-fqkx-v8t5-q3h6
17
vulnerability VCID-fut7-bb1f-37g7
18
vulnerability VCID-j8hk-bqnb-gycp
19
vulnerability VCID-jp1p-rfxa-hyd9
20
vulnerability VCID-n1gz-y615-cbbk
21
vulnerability VCID-nney-azbc-pucg
22
vulnerability VCID-p7gd-anw2-1qbz
23
vulnerability VCID-qv14-m93d-jyd9
24
vulnerability VCID-rqrw-t2kj-mud8
25
vulnerability VCID-sdjb-gp4t-vbgt
26
vulnerability VCID-tgyt-axv1-c7ag
27
vulnerability VCID-uq77-aax5-k7d8
28
vulnerability VCID-xw1s-93bu-wuh9
29
vulnerability VCID-y7ds-p5r2-yuhq
30
vulnerability VCID-zeut-9wfp-q7et
31
vulnerability VCID-zkvq-bms4-gfcv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.6
aliases CVE-2019-11832, GHSA-3w4h-r27h-4r2w
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k5t3-28es-h3ez
23
url VCID-khpm-e1xb-hydb
vulnerability_id VCID-khpm-e1xb-hydb
summary Information Disclosure of Installed Extensions.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-001/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-001/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.23
purl pkg:composer/typo3/cms@8.7.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-4eym-e6vt-8fbs
3
vulnerability VCID-7m6u-k5tp-gkhy
4
vulnerability VCID-848u-w88s-5bbe
5
vulnerability VCID-ev4k-5k1d-2bhu
6
vulnerability VCID-fqkx-v8t5-q3h6
7
vulnerability VCID-fut7-bb1f-37g7
8
vulnerability VCID-j8hk-bqnb-gycp
9
vulnerability VCID-jp1p-rfxa-hyd9
10
vulnerability VCID-k5t3-28es-h3ez
11
vulnerability VCID-nney-azbc-pucg
12
vulnerability VCID-p7gd-anw2-1qbz
13
vulnerability VCID-qv14-m93d-jyd9
14
vulnerability VCID-rqrw-t2kj-mud8
15
vulnerability VCID-ru6w-m6q6-27gn
16
vulnerability VCID-sdjb-gp4t-vbgt
17
vulnerability VCID-sdsa-mh76-kqch
18
vulnerability VCID-tgyt-axv1-c7ag
19
vulnerability VCID-uq77-aax5-k7d8
20
vulnerability VCID-x5x1-w7yv-eye9
21
vulnerability VCID-xw1s-93bu-wuh9
22
vulnerability VCID-y7ds-p5r2-yuhq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.23
1
url pkg:composer/typo3/cms@9.5.4
purl pkg:composer/typo3/cms@9.5.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-3ye6-vqje-abh4
4
vulnerability VCID-4an7-9ph4-mkd4
5
vulnerability VCID-4eym-e6vt-8fbs
6
vulnerability VCID-6mnf-2fcw-dqgp
7
vulnerability VCID-7m6u-k5tp-gkhy
8
vulnerability VCID-7xv1-78u7-xufp
9
vulnerability VCID-848u-w88s-5bbe
10
vulnerability VCID-8w4e-d49b-nbg8
11
vulnerability VCID-9adx-p876-kyb5
12
vulnerability VCID-a1g9-pyz5-9fca
13
vulnerability VCID-bbh5-rss8-bfct
14
vulnerability VCID-cvk2-93hm-gkhx
15
vulnerability VCID-e6zr-4bgg-kkh5
16
vulnerability VCID-ev4k-5k1d-2bhu
17
vulnerability VCID-fqkx-v8t5-q3h6
18
vulnerability VCID-fut7-bb1f-37g7
19
vulnerability VCID-j8hk-bqnb-gycp
20
vulnerability VCID-jp1p-rfxa-hyd9
21
vulnerability VCID-k5t3-28es-h3ez
22
vulnerability VCID-n1gz-y615-cbbk
23
vulnerability VCID-nney-azbc-pucg
24
vulnerability VCID-p7gd-anw2-1qbz
25
vulnerability VCID-qv14-m93d-jyd9
26
vulnerability VCID-rqrw-t2kj-mud8
27
vulnerability VCID-ru6w-m6q6-27gn
28
vulnerability VCID-sdjb-gp4t-vbgt
29
vulnerability VCID-sdsa-mh76-kqch
30
vulnerability VCID-tgyt-axv1-c7ag
31
vulnerability VCID-uq77-aax5-k7d8
32
vulnerability VCID-x5x1-w7yv-eye9
33
vulnerability VCID-xw1s-93bu-wuh9
34
vulnerability VCID-y7ds-p5r2-yuhq
35
vulnerability VCID-zeut-9wfp-q7et
36
vulnerability VCID-zkvq-bms4-gfcv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.4
aliases GMS-2019-172
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-khpm-e1xb-hydb
24
url VCID-njsj-bwjq-fyap
vulnerability_id VCID-njsj-bwjq-fyap
summary Insecure Deserialization & Arbitrary Code Execution in TYPO3 CMS.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2018-002/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2018-002/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.17
purl pkg:composer/typo3/cms@8.7.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-3ugj-6m1e-e3hr
3
vulnerability VCID-4eym-e6vt-8fbs
4
vulnerability VCID-7ch1-q9f4-a7bt
5
vulnerability VCID-7m6u-k5tp-gkhy
6
vulnerability VCID-848u-w88s-5bbe
7
vulnerability VCID-953t-q1cr-zyd6
8
vulnerability VCID-am6s-67bm-77dr
9
vulnerability VCID-bn3p-39sv-6fdg
10
vulnerability VCID-dsqm-9q3e-dudw
11
vulnerability VCID-emqq-kwjg-3kfk
12
vulnerability VCID-ev4k-5k1d-2bhu
13
vulnerability VCID-fdnw-2tz5-4fdr
14
vulnerability VCID-fqkx-v8t5-q3h6
15
vulnerability VCID-fut7-bb1f-37g7
16
vulnerability VCID-hp99-ncuh-6ugv
17
vulnerability VCID-j8hk-bqnb-gycp
18
vulnerability VCID-jp1p-rfxa-hyd9
19
vulnerability VCID-jq5y-7h9g-mufa
20
vulnerability VCID-k5t3-28es-h3ez
21
vulnerability VCID-khpm-e1xb-hydb
22
vulnerability VCID-nney-azbc-pucg
23
vulnerability VCID-p7gd-anw2-1qbz
24
vulnerability VCID-pmvp-twk2-jqe4
25
vulnerability VCID-qv14-m93d-jyd9
26
vulnerability VCID-qxab-9uwr-yqhv
27
vulnerability VCID-rqrw-t2kj-mud8
28
vulnerability VCID-ru6w-m6q6-27gn
29
vulnerability VCID-sdjb-gp4t-vbgt
30
vulnerability VCID-sdsa-mh76-kqch
31
vulnerability VCID-tgyt-axv1-c7ag
32
vulnerability VCID-u259-2sxq-tbct
33
vulnerability VCID-uq77-aax5-k7d8
34
vulnerability VCID-vw2r-g8yy-eyf4
35
vulnerability VCID-x5x1-w7yv-eye9
36
vulnerability VCID-xw1s-93bu-wuh9
37
vulnerability VCID-y7ds-p5r2-yuhq
38
vulnerability VCID-yz6t-ge1y-qfgr
39
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.17
1
url pkg:composer/typo3/cms@9.3.2
purl pkg:composer/typo3/cms@9.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-3ugj-6m1e-e3hr
4
vulnerability VCID-3ye6-vqje-abh4
5
vulnerability VCID-4an7-9ph4-mkd4
6
vulnerability VCID-4eym-e6vt-8fbs
7
vulnerability VCID-4jck-w9ct-budk
8
vulnerability VCID-6mnf-2fcw-dqgp
9
vulnerability VCID-7ch1-q9f4-a7bt
10
vulnerability VCID-7m6u-k5tp-gkhy
11
vulnerability VCID-7xv1-78u7-xufp
12
vulnerability VCID-848u-w88s-5bbe
13
vulnerability VCID-8w4e-d49b-nbg8
14
vulnerability VCID-953t-q1cr-zyd6
15
vulnerability VCID-9adx-p876-kyb5
16
vulnerability VCID-a1g9-pyz5-9fca
17
vulnerability VCID-am6s-67bm-77dr
18
vulnerability VCID-bbh5-rss8-bfct
19
vulnerability VCID-cvk2-93hm-gkhx
20
vulnerability VCID-dsqm-9q3e-dudw
21
vulnerability VCID-e6zr-4bgg-kkh5
22
vulnerability VCID-emqq-kwjg-3kfk
23
vulnerability VCID-ev4k-5k1d-2bhu
24
vulnerability VCID-fqkx-v8t5-q3h6
25
vulnerability VCID-fut7-bb1f-37g7
26
vulnerability VCID-hp99-ncuh-6ugv
27
vulnerability VCID-j8hk-bqnb-gycp
28
vulnerability VCID-jp1p-rfxa-hyd9
29
vulnerability VCID-jq5y-7h9g-mufa
30
vulnerability VCID-k5t3-28es-h3ez
31
vulnerability VCID-khpm-e1xb-hydb
32
vulnerability VCID-n1gz-y615-cbbk
33
vulnerability VCID-nney-azbc-pucg
34
vulnerability VCID-p7gd-anw2-1qbz
35
vulnerability VCID-pmvp-twk2-jqe4
36
vulnerability VCID-qv14-m93d-jyd9
37
vulnerability VCID-qxab-9uwr-yqhv
38
vulnerability VCID-rqrw-t2kj-mud8
39
vulnerability VCID-ru6w-m6q6-27gn
40
vulnerability VCID-sdjb-gp4t-vbgt
41
vulnerability VCID-sdsa-mh76-kqch
42
vulnerability VCID-tgyt-axv1-c7ag
43
vulnerability VCID-u259-2sxq-tbct
44
vulnerability VCID-uq77-aax5-k7d8
45
vulnerability VCID-vw2r-g8yy-eyf4
46
vulnerability VCID-x5x1-w7yv-eye9
47
vulnerability VCID-xw1s-93bu-wuh9
48
vulnerability VCID-y7ds-p5r2-yuhq
49
vulnerability VCID-yz6t-ge1y-qfgr
50
vulnerability VCID-zeut-9wfp-q7et
51
vulnerability VCID-zkvq-bms4-gfcv
52
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.3.2
aliases GMS-2018-94
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-njsj-bwjq-fyap
25
url VCID-nney-azbc-pucg
vulnerability_id VCID-nney-azbc-pucg
summary Information Disclosure in Backend User Interface.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-014/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-014/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.27
purl pkg:composer/typo3/cms@8.7.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-848u-w88s-5bbe
3
vulnerability VCID-ev4k-5k1d-2bhu
4
vulnerability VCID-fqkx-v8t5-q3h6
5
vulnerability VCID-j8hk-bqnb-gycp
6
vulnerability VCID-jp1p-rfxa-hyd9
7
vulnerability VCID-p7gd-anw2-1qbz
8
vulnerability VCID-rqrw-t2kj-mud8
9
vulnerability VCID-sdjb-gp4t-vbgt
10
vulnerability VCID-tgyt-axv1-c7ag
11
vulnerability VCID-uq77-aax5-k7d8
12
vulnerability VCID-xw1s-93bu-wuh9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.27
1
url pkg:composer/typo3/cms@9.5.8
purl pkg:composer/typo3/cms@9.5.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-4an7-9ph4-mkd4
4
vulnerability VCID-6mnf-2fcw-dqgp
5
vulnerability VCID-848u-w88s-5bbe
6
vulnerability VCID-8w4e-d49b-nbg8
7
vulnerability VCID-a1g9-pyz5-9fca
8
vulnerability VCID-bbh5-rss8-bfct
9
vulnerability VCID-e6zr-4bgg-kkh5
10
vulnerability VCID-ev4k-5k1d-2bhu
11
vulnerability VCID-fqkx-v8t5-q3h6
12
vulnerability VCID-j8hk-bqnb-gycp
13
vulnerability VCID-jp1p-rfxa-hyd9
14
vulnerability VCID-n1gz-y615-cbbk
15
vulnerability VCID-p7gd-anw2-1qbz
16
vulnerability VCID-rqrw-t2kj-mud8
17
vulnerability VCID-sdjb-gp4t-vbgt
18
vulnerability VCID-tgyt-axv1-c7ag
19
vulnerability VCID-uq77-aax5-k7d8
20
vulnerability VCID-xw1s-93bu-wuh9
21
vulnerability VCID-zkvq-bms4-gfcv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.8
aliases GMS-2019-185
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nney-azbc-pucg
26
url VCID-p7gd-anw2-1qbz
vulnerability_id VCID-p7gd-anw2-1qbz
summary 
Deserialization of Untrusted Data
It has been discovered that the classes `QueryGenerator` and `QueryView` are vulnerable to insecure deserialization. One exploitable scenario requires having the system extension `ext:lowlevel` (Backend Module `DB Check`) installed, with a valid backend user who has administrator privileges. The other exploitable scenario requires having the system extension `ext:sys_action` installed, with a valid backend user who has limited privileges.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19849
reference_id
reference_type
scores
0
value 0.00746
scoring_system epss
scoring_elements 0.7342
published_at 2026-06-04T12:55:00Z
1
value 0.00746
scoring_system epss
scoring_elements 0.73456
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19849
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-19849.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-19849.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-19849.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-19849.yaml
3
reference_url https://review.typo3.org/q/%2522Resolves:+%252389005%2522+topic:security
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.typo3.org/q/%2522Resolves:+%252389005%2522+topic:security
4
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-026
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2019-026
5
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-026/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-026/
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19849
reference_id CVE-2019-19849
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-19849
7
reference_url https://github.com/advisories/GHSA-rcgc-4xfc-564v
reference_id GHSA-rcgc-4xfc-564v
reference_type
scores
url https://github.com/advisories/GHSA-rcgc-4xfc-564v
fixed_packages
0
url pkg:composer/typo3/cms@8.7.30
purl pkg:composer/typo3/cms@8.7.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-848u-w88s-5bbe
3
vulnerability VCID-ev4k-5k1d-2bhu
4
vulnerability VCID-fqkx-v8t5-q3h6
5
vulnerability VCID-j8hk-bqnb-gycp
6
vulnerability VCID-jp1p-rfxa-hyd9
7
vulnerability VCID-sdjb-gp4t-vbgt
8
vulnerability VCID-tgyt-axv1-c7ag
9
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.30
1
url pkg:composer/typo3/cms@9.5.12
purl pkg:composer/typo3/cms@9.5.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-4an7-9ph4-mkd4
4
vulnerability VCID-6mnf-2fcw-dqgp
5
vulnerability VCID-848u-w88s-5bbe
6
vulnerability VCID-8w4e-d49b-nbg8
7
vulnerability VCID-a1g9-pyz5-9fca
8
vulnerability VCID-bbh5-rss8-bfct
9
vulnerability VCID-bcbd-zzet-mff6
10
vulnerability VCID-e6zr-4bgg-kkh5
11
vulnerability VCID-ev4k-5k1d-2bhu
12
vulnerability VCID-fqkx-v8t5-q3h6
13
vulnerability VCID-j8hk-bqnb-gycp
14
vulnerability VCID-jp1p-rfxa-hyd9
15
vulnerability VCID-n1gz-y615-cbbk
16
vulnerability VCID-sdjb-gp4t-vbgt
17
vulnerability VCID-tgyt-axv1-c7ag
18
vulnerability VCID-uq77-aax5-k7d8
19
vulnerability VCID-zkvq-bms4-gfcv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.12
2
url pkg:composer/typo3/cms@10.2.1
purl pkg:composer/typo3/cms@10.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-2tz2-8qdm-2kcv
4
vulnerability VCID-4an7-9ph4-mkd4
5
vulnerability VCID-6mnf-2fcw-dqgp
6
vulnerability VCID-6urp-p9mn-cffv
7
vulnerability VCID-848u-w88s-5bbe
8
vulnerability VCID-8w4e-d49b-nbg8
9
vulnerability VCID-a1g9-pyz5-9fca
10
vulnerability VCID-bbh5-rss8-bfct
11
vulnerability VCID-bcbd-zzet-mff6
12
vulnerability VCID-c46m-ht19-ybc4
13
vulnerability VCID-e6zr-4bgg-kkh5
14
vulnerability VCID-ev4k-5k1d-2bhu
15
vulnerability VCID-fqkx-v8t5-q3h6
16
vulnerability VCID-j8hk-bqnb-gycp
17
vulnerability VCID-jp1p-rfxa-hyd9
18
vulnerability VCID-n1gz-y615-cbbk
19
vulnerability VCID-r3az-g422-gqf9
20
vulnerability VCID-sdjb-gp4t-vbgt
21
vulnerability VCID-tgyt-axv1-c7ag
22
vulnerability VCID-uq77-aax5-k7d8
23
vulnerability VCID-zkvq-bms4-gfcv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.2.1
3
url pkg:composer/typo3/cms@10.2.2
purl pkg:composer/typo3/cms@10.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-2tz2-8qdm-2kcv
4
vulnerability VCID-4an7-9ph4-mkd4
5
vulnerability VCID-6mnf-2fcw-dqgp
6
vulnerability VCID-6urp-p9mn-cffv
7
vulnerability VCID-848u-w88s-5bbe
8
vulnerability VCID-8w4e-d49b-nbg8
9
vulnerability VCID-a1g9-pyz5-9fca
10
vulnerability VCID-bbh5-rss8-bfct
11
vulnerability VCID-bcbd-zzet-mff6
12
vulnerability VCID-c46m-ht19-ybc4
13
vulnerability VCID-e6zr-4bgg-kkh5
14
vulnerability VCID-ev4k-5k1d-2bhu
15
vulnerability VCID-fqkx-v8t5-q3h6
16
vulnerability VCID-j8hk-bqnb-gycp
17
vulnerability VCID-jp1p-rfxa-hyd9
18
vulnerability VCID-n1gz-y615-cbbk
19
vulnerability VCID-r3az-g422-gqf9
20
vulnerability VCID-sdjb-gp4t-vbgt
21
vulnerability VCID-tgyt-axv1-c7ag
22
vulnerability VCID-uq77-aax5-k7d8
23
vulnerability VCID-zkvq-bms4-gfcv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.2.2
aliases CVE-2019-19849, GHSA-rcgc-4xfc-564v
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p7gd-anw2-1qbz
27
url VCID-pmvp-twk2-jqe4
vulnerability_id VCID-pmvp-twk2-jqe4
summary Security Misconfiguration for Backend User Accounts.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-002/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-002/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.23
purl pkg:composer/typo3/cms@8.7.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-4eym-e6vt-8fbs
3
vulnerability VCID-7m6u-k5tp-gkhy
4
vulnerability VCID-848u-w88s-5bbe
5
vulnerability VCID-ev4k-5k1d-2bhu
6
vulnerability VCID-fqkx-v8t5-q3h6
7
vulnerability VCID-fut7-bb1f-37g7
8
vulnerability VCID-j8hk-bqnb-gycp
9
vulnerability VCID-jp1p-rfxa-hyd9
10
vulnerability VCID-k5t3-28es-h3ez
11
vulnerability VCID-nney-azbc-pucg
12
vulnerability VCID-p7gd-anw2-1qbz
13
vulnerability VCID-qv14-m93d-jyd9
14
vulnerability VCID-rqrw-t2kj-mud8
15
vulnerability VCID-ru6w-m6q6-27gn
16
vulnerability VCID-sdjb-gp4t-vbgt
17
vulnerability VCID-sdsa-mh76-kqch
18
vulnerability VCID-tgyt-axv1-c7ag
19
vulnerability VCID-uq77-aax5-k7d8
20
vulnerability VCID-x5x1-w7yv-eye9
21
vulnerability VCID-xw1s-93bu-wuh9
22
vulnerability VCID-y7ds-p5r2-yuhq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.23
1
url pkg:composer/typo3/cms@9.5.4
purl pkg:composer/typo3/cms@9.5.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-3ye6-vqje-abh4
4
vulnerability VCID-4an7-9ph4-mkd4
5
vulnerability VCID-4eym-e6vt-8fbs
6
vulnerability VCID-6mnf-2fcw-dqgp
7
vulnerability VCID-7m6u-k5tp-gkhy
8
vulnerability VCID-7xv1-78u7-xufp
9
vulnerability VCID-848u-w88s-5bbe
10
vulnerability VCID-8w4e-d49b-nbg8
11
vulnerability VCID-9adx-p876-kyb5
12
vulnerability VCID-a1g9-pyz5-9fca
13
vulnerability VCID-bbh5-rss8-bfct
14
vulnerability VCID-cvk2-93hm-gkhx
15
vulnerability VCID-e6zr-4bgg-kkh5
16
vulnerability VCID-ev4k-5k1d-2bhu
17
vulnerability VCID-fqkx-v8t5-q3h6
18
vulnerability VCID-fut7-bb1f-37g7
19
vulnerability VCID-j8hk-bqnb-gycp
20
vulnerability VCID-jp1p-rfxa-hyd9
21
vulnerability VCID-k5t3-28es-h3ez
22
vulnerability VCID-n1gz-y615-cbbk
23
vulnerability VCID-nney-azbc-pucg
24
vulnerability VCID-p7gd-anw2-1qbz
25
vulnerability VCID-qv14-m93d-jyd9
26
vulnerability VCID-rqrw-t2kj-mud8
27
vulnerability VCID-ru6w-m6q6-27gn
28
vulnerability VCID-sdjb-gp4t-vbgt
29
vulnerability VCID-sdsa-mh76-kqch
30
vulnerability VCID-tgyt-axv1-c7ag
31
vulnerability VCID-uq77-aax5-k7d8
32
vulnerability VCID-x5x1-w7yv-eye9
33
vulnerability VCID-xw1s-93bu-wuh9
34
vulnerability VCID-y7ds-p5r2-yuhq
35
vulnerability VCID-zeut-9wfp-q7et
36
vulnerability VCID-zkvq-bms4-gfcv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.4
aliases GMS-2019-173
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pmvp-twk2-jqe4
28
url VCID-qv14-m93d-jyd9
vulnerability_id VCID-qv14-m93d-jyd9
summary 
Cross-site Scripting
TYPO3 allows XSS.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12748
reference_id
reference_type
scores
0
value 0.00301
scoring_system epss
scoring_elements 0.53774
published_at 2026-06-05T12:55:00Z
1
value 0.00301
scoring_system epss
scoring_elements 0.53716
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12748
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-12748.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-12748.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-12748.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-12748.yaml
3
reference_url https://github.com/TYPO3-CMS/core
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3-CMS/core
4
reference_url https://typo3.org/cms/release-news/typo3-8-release-notes
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/cms/release-news/typo3-8-release-notes
5
reference_url https://typo3.org/cms/release-news/typo3-8-release-notes/
reference_id
reference_type
scores
url https://typo3.org/cms/release-news/typo3-8-release-notes/
6
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-015
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2019-015
7
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-015/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-015/
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12748
reference_id CVE-2019-12748
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-12748
9
reference_url https://github.com/advisories/GHSA-r6fv-56gp-j3r4
reference_id GHSA-r6fv-56gp-j3r4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r6fv-56gp-j3r4
fixed_packages
0
url pkg:composer/typo3/cms@8.7.27
purl pkg:composer/typo3/cms@8.7.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-848u-w88s-5bbe
3
vulnerability VCID-ev4k-5k1d-2bhu
4
vulnerability VCID-fqkx-v8t5-q3h6
5
vulnerability VCID-j8hk-bqnb-gycp
6
vulnerability VCID-jp1p-rfxa-hyd9
7
vulnerability VCID-p7gd-anw2-1qbz
8
vulnerability VCID-rqrw-t2kj-mud8
9
vulnerability VCID-sdjb-gp4t-vbgt
10
vulnerability VCID-tgyt-axv1-c7ag
11
vulnerability VCID-uq77-aax5-k7d8
12
vulnerability VCID-xw1s-93bu-wuh9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.27
1
url pkg:composer/typo3/cms@9.5.8
purl pkg:composer/typo3/cms@9.5.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-4an7-9ph4-mkd4
4
vulnerability VCID-6mnf-2fcw-dqgp
5
vulnerability VCID-848u-w88s-5bbe
6
vulnerability VCID-8w4e-d49b-nbg8
7
vulnerability VCID-a1g9-pyz5-9fca
8
vulnerability VCID-bbh5-rss8-bfct
9
vulnerability VCID-e6zr-4bgg-kkh5
10
vulnerability VCID-ev4k-5k1d-2bhu
11
vulnerability VCID-fqkx-v8t5-q3h6
12
vulnerability VCID-j8hk-bqnb-gycp
13
vulnerability VCID-jp1p-rfxa-hyd9
14
vulnerability VCID-n1gz-y615-cbbk
15
vulnerability VCID-p7gd-anw2-1qbz
16
vulnerability VCID-rqrw-t2kj-mud8
17
vulnerability VCID-sdjb-gp4t-vbgt
18
vulnerability VCID-tgyt-axv1-c7ag
19
vulnerability VCID-uq77-aax5-k7d8
20
vulnerability VCID-xw1s-93bu-wuh9
21
vulnerability VCID-zkvq-bms4-gfcv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.8
aliases CVE-2019-12748, GHSA-r6fv-56gp-j3r4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qv14-m93d-jyd9
29
url VCID-qxab-9uwr-yqhv
vulnerability_id VCID-qxab-9uwr-yqhv
summary 
Cross-site Scripting
CKEditor allows user-assisted XSS involving a source-mode paste.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-17960
reference_id
reference_type
scores
0
value 0.02024
scoring_system epss
scoring_elements 0.84114
published_at 2026-06-05T12:55:00Z
1
value 0.02024
scoring_system epss
scoring_elements 0.84092
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-17960
1
reference_url https://ckeditor.com/blog/CKEditor-4.11-with-emoji-dropdown-and-auto-link-on-typing-released
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://ckeditor.com/blog/CKEditor-4.11-with-emoji-dropdown-and-auto-link-on-typing-released
2
reference_url https://ckeditor.com/blog/CKEditor-4.11-with-emoji-dropdown-and-auto-link-on-typing-released/
reference_id
reference_type
scores
url https://ckeditor.com/blog/CKEditor-4.11-with-emoji-dropdown-and-auto-link-on-typing-released/
3
reference_url https://ckeditor.com/cke4/release/CKEditor-4.11.0
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://ckeditor.com/cke4/release/CKEditor-4.11.0
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17960
5
reference_url https://typo3.org/security/advisory/typo3-core-sa-2018-005
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2018-005
6
reference_url https://web.archive.org/web/20200227030123/http://www.securityfocus.com/bid/109205
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227030123/http://www.securityfocus.com/bid/109205
7
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015217
reference_id 1015217
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015217
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-17960
reference_id CVE-2018-17960
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-17960
10
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2018-17960.yaml
reference_id CVE-2018-17960.YAML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2018-17960.yaml
11
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2018-17960.yaml
reference_id CVE-2018-17960.YAML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2018-17960.yaml
12
reference_url https://github.com/advisories/GHSA-g68x-vvqq-pvw3
reference_id GHSA-g68x-vvqq-pvw3
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-g68x-vvqq-pvw3
fixed_packages
0
url pkg:composer/typo3/cms@8.7.21
purl pkg:composer/typo3/cms@8.7.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-4eym-e6vt-8fbs
3
vulnerability VCID-7m6u-k5tp-gkhy
4
vulnerability VCID-848u-w88s-5bbe
5
vulnerability VCID-am6s-67bm-77dr
6
vulnerability VCID-bn3p-39sv-6fdg
7
vulnerability VCID-ev4k-5k1d-2bhu
8
vulnerability VCID-fqkx-v8t5-q3h6
9
vulnerability VCID-fut7-bb1f-37g7
10
vulnerability VCID-j8hk-bqnb-gycp
11
vulnerability VCID-jp1p-rfxa-hyd9
12
vulnerability VCID-k5t3-28es-h3ez
13
vulnerability VCID-khpm-e1xb-hydb
14
vulnerability VCID-nney-azbc-pucg
15
vulnerability VCID-p7gd-anw2-1qbz
16
vulnerability VCID-pmvp-twk2-jqe4
17
vulnerability VCID-qv14-m93d-jyd9
18
vulnerability VCID-rqrw-t2kj-mud8
19
vulnerability VCID-ru6w-m6q6-27gn
20
vulnerability VCID-sdjb-gp4t-vbgt
21
vulnerability VCID-sdsa-mh76-kqch
22
vulnerability VCID-tgyt-axv1-c7ag
23
vulnerability VCID-u259-2sxq-tbct
24
vulnerability VCID-uq77-aax5-k7d8
25
vulnerability VCID-vw2r-g8yy-eyf4
26
vulnerability VCID-x5x1-w7yv-eye9
27
vulnerability VCID-xw1s-93bu-wuh9
28
vulnerability VCID-y7ds-p5r2-yuhq
29
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21
1
url pkg:composer/typo3/cms@9.5.2
purl pkg:composer/typo3/cms@9.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-3ye6-vqje-abh4
4
vulnerability VCID-4an7-9ph4-mkd4
5
vulnerability VCID-4eym-e6vt-8fbs
6
vulnerability VCID-4jck-w9ct-budk
7
vulnerability VCID-6mnf-2fcw-dqgp
8
vulnerability VCID-7m6u-k5tp-gkhy
9
vulnerability VCID-7xv1-78u7-xufp
10
vulnerability VCID-848u-w88s-5bbe
11
vulnerability VCID-8w4e-d49b-nbg8
12
vulnerability VCID-9adx-p876-kyb5
13
vulnerability VCID-a1g9-pyz5-9fca
14
vulnerability VCID-am6s-67bm-77dr
15
vulnerability VCID-bbh5-rss8-bfct
16
vulnerability VCID-cvk2-93hm-gkhx
17
vulnerability VCID-e6zr-4bgg-kkh5
18
vulnerability VCID-ev4k-5k1d-2bhu
19
vulnerability VCID-fqkx-v8t5-q3h6
20
vulnerability VCID-fut7-bb1f-37g7
21
vulnerability VCID-j8hk-bqnb-gycp
22
vulnerability VCID-jp1p-rfxa-hyd9
23
vulnerability VCID-k5t3-28es-h3ez
24
vulnerability VCID-khpm-e1xb-hydb
25
vulnerability VCID-n1gz-y615-cbbk
26
vulnerability VCID-nney-azbc-pucg
27
vulnerability VCID-p7gd-anw2-1qbz
28
vulnerability VCID-pmvp-twk2-jqe4
29
vulnerability VCID-qv14-m93d-jyd9
30
vulnerability VCID-rqrw-t2kj-mud8
31
vulnerability VCID-ru6w-m6q6-27gn
32
vulnerability VCID-sdjb-gp4t-vbgt
33
vulnerability VCID-sdsa-mh76-kqch
34
vulnerability VCID-tgyt-axv1-c7ag
35
vulnerability VCID-u259-2sxq-tbct
36
vulnerability VCID-uq77-aax5-k7d8
37
vulnerability VCID-vw2r-g8yy-eyf4
38
vulnerability VCID-x5x1-w7yv-eye9
39
vulnerability VCID-xw1s-93bu-wuh9
40
vulnerability VCID-y7ds-p5r2-yuhq
41
vulnerability VCID-zeut-9wfp-q7et
42
vulnerability VCID-zkvq-bms4-gfcv
43
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2
aliases CVE-2018-17960, GHSA-g68x-vvqq-pvw3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qxab-9uwr-yqhv
30
url VCID-rqrw-t2kj-mud8
vulnerability_id VCID-rqrw-t2kj-mud8
summary 
SQL Injection
Because escaping of user-submitted content is mishandled, the class QueryGenerator is vulnerable to SQL injection. Exploitation requires having the system extension `ext:lowlevel` installed, and a valid backend user who has administrator privileges.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19850
reference_id
reference_type
scores
0
value 0.00284
scoring_system epss
scoring_elements 0.52129
published_at 2026-06-05T12:55:00Z
1
value 0.00284
scoring_system epss
scoring_elements 0.52069
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19850
1
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
2
reference_url https://review.typo3.org/q/%2522Resolves:+%252389452%2522+topic:security
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.typo3.org/q/%2522Resolves:+%252389452%2522+topic:security
3
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-025
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2019-025
4
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-025/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-025/
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19850
reference_id CVE-2019-19850
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-19850
6
reference_url https://github.com/advisories/GHSA-59pj-7mjh-4465
reference_id GHSA-59pj-7mjh-4465
reference_type
scores
url https://github.com/advisories/GHSA-59pj-7mjh-4465
fixed_packages
0
url pkg:composer/typo3/cms@8.7.30
purl pkg:composer/typo3/cms@8.7.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-848u-w88s-5bbe
3
vulnerability VCID-ev4k-5k1d-2bhu
4
vulnerability VCID-fqkx-v8t5-q3h6
5
vulnerability VCID-j8hk-bqnb-gycp
6
vulnerability VCID-jp1p-rfxa-hyd9
7
vulnerability VCID-sdjb-gp4t-vbgt
8
vulnerability VCID-tgyt-axv1-c7ag
9
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.30
1
url pkg:composer/typo3/cms@9.5.12
purl pkg:composer/typo3/cms@9.5.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-4an7-9ph4-mkd4
4
vulnerability VCID-6mnf-2fcw-dqgp
5
vulnerability VCID-848u-w88s-5bbe
6
vulnerability VCID-8w4e-d49b-nbg8
7
vulnerability VCID-a1g9-pyz5-9fca
8
vulnerability VCID-bbh5-rss8-bfct
9
vulnerability VCID-bcbd-zzet-mff6
10
vulnerability VCID-e6zr-4bgg-kkh5
11
vulnerability VCID-ev4k-5k1d-2bhu
12
vulnerability VCID-fqkx-v8t5-q3h6
13
vulnerability VCID-j8hk-bqnb-gycp
14
vulnerability VCID-jp1p-rfxa-hyd9
15
vulnerability VCID-n1gz-y615-cbbk
16
vulnerability VCID-sdjb-gp4t-vbgt
17
vulnerability VCID-tgyt-axv1-c7ag
18
vulnerability VCID-uq77-aax5-k7d8
19
vulnerability VCID-zkvq-bms4-gfcv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.12
2
url pkg:composer/typo3/cms@10.2.2
purl pkg:composer/typo3/cms@10.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-2tz2-8qdm-2kcv
4
vulnerability VCID-4an7-9ph4-mkd4
5
vulnerability VCID-6mnf-2fcw-dqgp
6
vulnerability VCID-6urp-p9mn-cffv
7
vulnerability VCID-848u-w88s-5bbe
8
vulnerability VCID-8w4e-d49b-nbg8
9
vulnerability VCID-a1g9-pyz5-9fca
10
vulnerability VCID-bbh5-rss8-bfct
11
vulnerability VCID-bcbd-zzet-mff6
12
vulnerability VCID-c46m-ht19-ybc4
13
vulnerability VCID-e6zr-4bgg-kkh5
14
vulnerability VCID-ev4k-5k1d-2bhu
15
vulnerability VCID-fqkx-v8t5-q3h6
16
vulnerability VCID-j8hk-bqnb-gycp
17
vulnerability VCID-jp1p-rfxa-hyd9
18
vulnerability VCID-n1gz-y615-cbbk
19
vulnerability VCID-r3az-g422-gqf9
20
vulnerability VCID-sdjb-gp4t-vbgt
21
vulnerability VCID-tgyt-axv1-c7ag
22
vulnerability VCID-uq77-aax5-k7d8
23
vulnerability VCID-zkvq-bms4-gfcv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.2.2
aliases CVE-2019-19850, GHSA-59pj-7mjh-4465
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rqrw-t2kj-mud8
31
url VCID-ru6w-m6q6-27gn
vulnerability_id VCID-ru6w-m6q6-27gn
summary 
Cross-site Scripting
Cross-Site Scripting in Fluid Engine.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-013/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-013/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.25
purl pkg:composer/typo3/cms@8.7.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-4eym-e6vt-8fbs
3
vulnerability VCID-7m6u-k5tp-gkhy
4
vulnerability VCID-848u-w88s-5bbe
5
vulnerability VCID-cbmm-1b2k-8qaz
6
vulnerability VCID-ev4k-5k1d-2bhu
7
vulnerability VCID-fqkx-v8t5-q3h6
8
vulnerability VCID-fut7-bb1f-37g7
9
vulnerability VCID-j8hk-bqnb-gycp
10
vulnerability VCID-jp1p-rfxa-hyd9
11
vulnerability VCID-nney-azbc-pucg
12
vulnerability VCID-p7gd-anw2-1qbz
13
vulnerability VCID-qv14-m93d-jyd9
14
vulnerability VCID-rqrw-t2kj-mud8
15
vulnerability VCID-sdjb-gp4t-vbgt
16
vulnerability VCID-tgyt-axv1-c7ag
17
vulnerability VCID-uq77-aax5-k7d8
18
vulnerability VCID-xw1s-93bu-wuh9
19
vulnerability VCID-y7ds-p5r2-yuhq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.25
1
url pkg:composer/typo3/cms@9.5.6
purl pkg:composer/typo3/cms@9.5.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-4an7-9ph4-mkd4
4
vulnerability VCID-4eym-e6vt-8fbs
5
vulnerability VCID-6mnf-2fcw-dqgp
6
vulnerability VCID-7m6u-k5tp-gkhy
7
vulnerability VCID-7xv1-78u7-xufp
8
vulnerability VCID-848u-w88s-5bbe
9
vulnerability VCID-8w4e-d49b-nbg8
10
vulnerability VCID-a1g9-pyz5-9fca
11
vulnerability VCID-bbh5-rss8-bfct
12
vulnerability VCID-cbmm-1b2k-8qaz
13
vulnerability VCID-cvk2-93hm-gkhx
14
vulnerability VCID-e6zr-4bgg-kkh5
15
vulnerability VCID-ev4k-5k1d-2bhu
16
vulnerability VCID-fqkx-v8t5-q3h6
17
vulnerability VCID-fut7-bb1f-37g7
18
vulnerability VCID-j8hk-bqnb-gycp
19
vulnerability VCID-jp1p-rfxa-hyd9
20
vulnerability VCID-n1gz-y615-cbbk
21
vulnerability VCID-nney-azbc-pucg
22
vulnerability VCID-p7gd-anw2-1qbz
23
vulnerability VCID-qv14-m93d-jyd9
24
vulnerability VCID-rqrw-t2kj-mud8
25
vulnerability VCID-sdjb-gp4t-vbgt
26
vulnerability VCID-tgyt-axv1-c7ag
27
vulnerability VCID-uq77-aax5-k7d8
28
vulnerability VCID-xw1s-93bu-wuh9
29
vulnerability VCID-y7ds-p5r2-yuhq
30
vulnerability VCID-zeut-9wfp-q7et
31
vulnerability VCID-zkvq-bms4-gfcv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.6
aliases GMS-2019-180
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ru6w-m6q6-27gn
32
url VCID-sdjb-gp4t-vbgt
vulnerability_id VCID-sdjb-gp4t-vbgt
summary 
Cross-site Scripting
TYPO3 is an open source PHP based web content management system. have a cross-site scripting vulnerability. When settings for _backend layouts_ are not properly encoded, the corresponding grid view is vulnerable to persistent cross-site scripting. A valid backend user account is needed to exploit this vulnerability. TYPO3 contain a patch for this vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-32669
reference_id
reference_type
scores
0
value 0.00374
scoring_system epss
scoring_elements 0.59434
published_at 2026-06-05T12:55:00Z
1
value 0.00374
scoring_system epss
scoring_elements 0.59384
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-32669
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32669.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32669.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32669.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32669.yaml
3
reference_url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-rgcg-28xm-8mmw
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-rgcg-28xm-8mmw
4
reference_url https://typo3.org/security/advisory/typo3-core-sa-2021-011
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2021-011
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-32669
reference_id CVE-2021-32669
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-32669
fixed_packages
0
url pkg:composer/typo3/cms@9.5.28
purl pkg:composer/typo3/cms@9.5.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
1
vulnerability VCID-j8hk-bqnb-gycp
2
vulnerability VCID-sdjb-gp4t-vbgt
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.28
1
url pkg:composer/typo3/cms@10.4.18
purl pkg:composer/typo3/cms@10.4.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.18
2
url pkg:composer/typo3/cms@11.3.1
purl pkg:composer/typo3/cms@11.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
1
vulnerability VCID-b9sw-6tzm-3yhj
2
vulnerability VCID-fsx8-7qjz-2ubw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.3.1
aliases CVE-2021-32669, GHSA-rgcg-28xm-8mmw
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sdjb-gp4t-vbgt
33
url VCID-sdsa-mh76-kqch
vulnerability_id VCID-sdsa-mh76-kqch
summary Security Misconfiguration in User Session Handling.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-011/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-011/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.25
purl pkg:composer/typo3/cms@8.7.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-4eym-e6vt-8fbs
3
vulnerability VCID-7m6u-k5tp-gkhy
4
vulnerability VCID-848u-w88s-5bbe
5
vulnerability VCID-cbmm-1b2k-8qaz
6
vulnerability VCID-ev4k-5k1d-2bhu
7
vulnerability VCID-fqkx-v8t5-q3h6
8
vulnerability VCID-fut7-bb1f-37g7
9
vulnerability VCID-j8hk-bqnb-gycp
10
vulnerability VCID-jp1p-rfxa-hyd9
11
vulnerability VCID-nney-azbc-pucg
12
vulnerability VCID-p7gd-anw2-1qbz
13
vulnerability VCID-qv14-m93d-jyd9
14
vulnerability VCID-rqrw-t2kj-mud8
15
vulnerability VCID-sdjb-gp4t-vbgt
16
vulnerability VCID-tgyt-axv1-c7ag
17
vulnerability VCID-uq77-aax5-k7d8
18
vulnerability VCID-xw1s-93bu-wuh9
19
vulnerability VCID-y7ds-p5r2-yuhq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.25
1
url pkg:composer/typo3/cms@9.5.6
purl pkg:composer/typo3/cms@9.5.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-4an7-9ph4-mkd4
4
vulnerability VCID-4eym-e6vt-8fbs
5
vulnerability VCID-6mnf-2fcw-dqgp
6
vulnerability VCID-7m6u-k5tp-gkhy
7
vulnerability VCID-7xv1-78u7-xufp
8
vulnerability VCID-848u-w88s-5bbe
9
vulnerability VCID-8w4e-d49b-nbg8
10
vulnerability VCID-a1g9-pyz5-9fca
11
vulnerability VCID-bbh5-rss8-bfct
12
vulnerability VCID-cbmm-1b2k-8qaz
13
vulnerability VCID-cvk2-93hm-gkhx
14
vulnerability VCID-e6zr-4bgg-kkh5
15
vulnerability VCID-ev4k-5k1d-2bhu
16
vulnerability VCID-fqkx-v8t5-q3h6
17
vulnerability VCID-fut7-bb1f-37g7
18
vulnerability VCID-j8hk-bqnb-gycp
19
vulnerability VCID-jp1p-rfxa-hyd9
20
vulnerability VCID-n1gz-y615-cbbk
21
vulnerability VCID-nney-azbc-pucg
22
vulnerability VCID-p7gd-anw2-1qbz
23
vulnerability VCID-qv14-m93d-jyd9
24
vulnerability VCID-rqrw-t2kj-mud8
25
vulnerability VCID-sdjb-gp4t-vbgt
26
vulnerability VCID-tgyt-axv1-c7ag
27
vulnerability VCID-uq77-aax5-k7d8
28
vulnerability VCID-xw1s-93bu-wuh9
29
vulnerability VCID-y7ds-p5r2-yuhq
30
vulnerability VCID-zeut-9wfp-q7et
31
vulnerability VCID-zkvq-bms4-gfcv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.6
aliases GMS-2019-181
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sdsa-mh76-kqch
34
url VCID-tgyt-axv1-c7ag
vulnerability_id VCID-tgyt-axv1-c7ag
summary 
Cross-site Scripting
TYPO3 is an open source PHP based web content management system. In TYPO3 the system extension Fluid (typo3/cms-fluid) of the TYPO3 core is vulnerable to cross-site scripting passing user-controlled data as argument to Fluid view helpers. Update to TYPO3 that fix the problem described.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26227
reference_id
reference_type
scores
0
value 0.00359
scoring_system epss
scoring_elements 0.58427
published_at 2026-06-05T12:55:00Z
1
value 0.00359
scoring_system epss
scoring_elements 0.5838
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26227
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-26227.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-26227.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-26227.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-26227.yaml
3
reference_url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-vqqx-jw6p-q3rf
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-vqqx-jw6p-q3rf
4
reference_url https://packagist.org/packages/typo3/cms-core
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://packagist.org/packages/typo3/cms-core
5
reference_url https://typo3.org/security/advisory/typo3-core-sa-2020-010
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2020-010
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-26227
reference_id CVE-2020-26227
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-26227
fixed_packages
0
url pkg:composer/typo3/cms@8.7.38
purl pkg:composer/typo3/cms@8.7.38
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.38
1
url pkg:composer/typo3/cms@9.5.23
purl pkg:composer/typo3/cms@9.5.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-6mnf-2fcw-dqgp
3
vulnerability VCID-848u-w88s-5bbe
4
vulnerability VCID-a1g9-pyz5-9fca
5
vulnerability VCID-ev4k-5k1d-2bhu
6
vulnerability VCID-fqkx-v8t5-q3h6
7
vulnerability VCID-j8hk-bqnb-gycp
8
vulnerability VCID-jp1p-rfxa-hyd9
9
vulnerability VCID-sdjb-gp4t-vbgt
10
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.23
2
url pkg:composer/typo3/cms@10.4.10
purl pkg:composer/typo3/cms@10.4.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-6mnf-2fcw-dqgp
3
vulnerability VCID-6urp-p9mn-cffv
4
vulnerability VCID-848u-w88s-5bbe
5
vulnerability VCID-a1g9-pyz5-9fca
6
vulnerability VCID-c46m-ht19-ybc4
7
vulnerability VCID-ev4k-5k1d-2bhu
8
vulnerability VCID-fqkx-v8t5-q3h6
9
vulnerability VCID-j8hk-bqnb-gycp
10
vulnerability VCID-jp1p-rfxa-hyd9
11
vulnerability VCID-sdjb-gp4t-vbgt
12
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.10
aliases CVE-2020-26227, GHSA-vqqx-jw6p-q3rf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tgyt-axv1-c7ag
35
url VCID-u259-2sxq-tbct
vulnerability_id VCID-u259-2sxq-tbct
summary 
Cross-site Scripting
Cross-Site Scripting in Fluid `ViewHelpers`.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-005/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-005/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.23
purl pkg:composer/typo3/cms@8.7.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-4eym-e6vt-8fbs
3
vulnerability VCID-7m6u-k5tp-gkhy
4
vulnerability VCID-848u-w88s-5bbe
5
vulnerability VCID-ev4k-5k1d-2bhu
6
vulnerability VCID-fqkx-v8t5-q3h6
7
vulnerability VCID-fut7-bb1f-37g7
8
vulnerability VCID-j8hk-bqnb-gycp
9
vulnerability VCID-jp1p-rfxa-hyd9
10
vulnerability VCID-k5t3-28es-h3ez
11
vulnerability VCID-nney-azbc-pucg
12
vulnerability VCID-p7gd-anw2-1qbz
13
vulnerability VCID-qv14-m93d-jyd9
14
vulnerability VCID-rqrw-t2kj-mud8
15
vulnerability VCID-ru6w-m6q6-27gn
16
vulnerability VCID-sdjb-gp4t-vbgt
17
vulnerability VCID-sdsa-mh76-kqch
18
vulnerability VCID-tgyt-axv1-c7ag
19
vulnerability VCID-uq77-aax5-k7d8
20
vulnerability VCID-x5x1-w7yv-eye9
21
vulnerability VCID-xw1s-93bu-wuh9
22
vulnerability VCID-y7ds-p5r2-yuhq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.23
1
url pkg:composer/typo3/cms@9.5.4
purl pkg:composer/typo3/cms@9.5.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-3ye6-vqje-abh4
4
vulnerability VCID-4an7-9ph4-mkd4
5
vulnerability VCID-4eym-e6vt-8fbs
6
vulnerability VCID-6mnf-2fcw-dqgp
7
vulnerability VCID-7m6u-k5tp-gkhy
8
vulnerability VCID-7xv1-78u7-xufp
9
vulnerability VCID-848u-w88s-5bbe
10
vulnerability VCID-8w4e-d49b-nbg8
11
vulnerability VCID-9adx-p876-kyb5
12
vulnerability VCID-a1g9-pyz5-9fca
13
vulnerability VCID-bbh5-rss8-bfct
14
vulnerability VCID-cvk2-93hm-gkhx
15
vulnerability VCID-e6zr-4bgg-kkh5
16
vulnerability VCID-ev4k-5k1d-2bhu
17
vulnerability VCID-fqkx-v8t5-q3h6
18
vulnerability VCID-fut7-bb1f-37g7
19
vulnerability VCID-j8hk-bqnb-gycp
20
vulnerability VCID-jp1p-rfxa-hyd9
21
vulnerability VCID-k5t3-28es-h3ez
22
vulnerability VCID-n1gz-y615-cbbk
23
vulnerability VCID-nney-azbc-pucg
24
vulnerability VCID-p7gd-anw2-1qbz
25
vulnerability VCID-qv14-m93d-jyd9
26
vulnerability VCID-rqrw-t2kj-mud8
27
vulnerability VCID-ru6w-m6q6-27gn
28
vulnerability VCID-sdjb-gp4t-vbgt
29
vulnerability VCID-sdsa-mh76-kqch
30
vulnerability VCID-tgyt-axv1-c7ag
31
vulnerability VCID-uq77-aax5-k7d8
32
vulnerability VCID-x5x1-w7yv-eye9
33
vulnerability VCID-xw1s-93bu-wuh9
34
vulnerability VCID-y7ds-p5r2-yuhq
35
vulnerability VCID-zeut-9wfp-q7et
36
vulnerability VCID-zkvq-bms4-gfcv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.4
aliases GMS-2019-175
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u259-2sxq-tbct
36
url VCID-uq77-aax5-k7d8
vulnerability_id VCID-uq77-aax5-k7d8
summary 
Inclusion of Sensitive Information in Log Files
TYPO3 is an open source PHP based web content management system. User credentials may been logged as plain-text. This occurs when explicitly using log level debug, which is not the default configuration. TYPO3 contain a patch for this vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-32767
reference_id
reference_type
scores
0
value 0.00327
scoring_system epss
scoring_elements 0.55909
published_at 2026-06-04T12:55:00Z
1
value 0.00327
scoring_system epss
scoring_elements 0.55964
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-32767
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32767.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-32767.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32767.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-32767.yaml
3
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
4
reference_url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-34fr-fhqr-7235
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-34fr-fhqr-7235
5
reference_url https://github.com/TYPO3/typo3/commit/0b4950163b8919451964133febc65bcdfcec721c
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/0b4950163b8919451964133febc65bcdfcec721c
6
reference_url https://github.com/TYPO3/typo3/security/advisories/GHSA-34fr-fhqr-7235
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/security/advisories/GHSA-34fr-fhqr-7235
7
reference_url https://typo3.org/security/advisory/typo3-core-sa-2021-012
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2021-012
8
reference_url https://typo3.org/security/advisory/typo3-core-sa-2021-013
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2021-013
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-32767
reference_id CVE-2021-32767
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-32767
fixed_packages
0
url pkg:composer/typo3/cms@9.5.28
purl pkg:composer/typo3/cms@9.5.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
1
vulnerability VCID-j8hk-bqnb-gycp
2
vulnerability VCID-sdjb-gp4t-vbgt
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.28
1
url pkg:composer/typo3/cms@10.4.18
purl pkg:composer/typo3/cms@10.4.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.18
2
url pkg:composer/typo3/cms@11.3.1
purl pkg:composer/typo3/cms@11.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rhr-8vaz-hqfj
1
vulnerability VCID-b9sw-6tzm-3yhj
2
vulnerability VCID-fsx8-7qjz-2ubw
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.3.1
aliases CVE-2021-32767, GHSA-34fr-fhqr-7235
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uq77-aax5-k7d8
37
url VCID-vq15-t92r-5bhx
vulnerability_id VCID-vq15-t92r-5bhx
summary 
Cross-site Scripting
The page module in TYPO3 is vulnerable to XSS via `$GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename']`, as demonstrated by an admin entering a crafted site name during the installation process.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-6905
reference_id
reference_type
scores
0
value 0.02274
scoring_system epss
scoring_elements 0.84984
published_at 2026-06-05T12:55:00Z
1
value 0.02274
scoring_system epss
scoring_elements 0.8496
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-6905
1
reference_url https://forge.typo3.org/issues/84191
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://forge.typo3.org/issues/84191
2
reference_url https://github.com/pradeepjairamani/TYPO3-XSS-POC
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pradeepjairamani/TYPO3-XSS-POC
3
reference_url https://github.com/TYPO3/typo3/commit/d2c0ea7db3b31a796a82f9d39f77f9983beb7c35
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/d2c0ea7db3b31a796a82f9d39f77f9983beb7c35
4
reference_url http://www.securitytracker.com/id/1040755
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1040755
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-6905
reference_id CVE-2018-6905
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-6905
fixed_packages
0
url pkg:composer/typo3/cms@8.7.11
purl pkg:composer/typo3/cms@8.7.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-3ugj-6m1e-e3hr
3
vulnerability VCID-4eym-e6vt-8fbs
4
vulnerability VCID-7ch1-q9f4-a7bt
5
vulnerability VCID-7m6u-k5tp-gkhy
6
vulnerability VCID-848u-w88s-5bbe
7
vulnerability VCID-953t-q1cr-zyd6
8
vulnerability VCID-abjx-8v46-d7d8
9
vulnerability VCID-am6s-67bm-77dr
10
vulnerability VCID-bn3p-39sv-6fdg
11
vulnerability VCID-dsqm-9q3e-dudw
12
vulnerability VCID-emqq-kwjg-3kfk
13
vulnerability VCID-ev4k-5k1d-2bhu
14
vulnerability VCID-fdnw-2tz5-4fdr
15
vulnerability VCID-fqkx-v8t5-q3h6
16
vulnerability VCID-fut7-bb1f-37g7
17
vulnerability VCID-hp99-ncuh-6ugv
18
vulnerability VCID-j8hk-bqnb-gycp
19
vulnerability VCID-je4q-svfw-hqda
20
vulnerability VCID-jp1p-rfxa-hyd9
21
vulnerability VCID-jq5y-7h9g-mufa
22
vulnerability VCID-k5t3-28es-h3ez
23
vulnerability VCID-khpm-e1xb-hydb
24
vulnerability VCID-njsj-bwjq-fyap
25
vulnerability VCID-nney-azbc-pucg
26
vulnerability VCID-p7gd-anw2-1qbz
27
vulnerability VCID-pmvp-twk2-jqe4
28
vulnerability VCID-qv14-m93d-jyd9
29
vulnerability VCID-qxab-9uwr-yqhv
30
vulnerability VCID-rqrw-t2kj-mud8
31
vulnerability VCID-ru6w-m6q6-27gn
32
vulnerability VCID-sdjb-gp4t-vbgt
33
vulnerability VCID-sdsa-mh76-kqch
34
vulnerability VCID-tgyt-axv1-c7ag
35
vulnerability VCID-u259-2sxq-tbct
36
vulnerability VCID-uq77-aax5-k7d8
37
vulnerability VCID-vw2r-g8yy-eyf4
38
vulnerability VCID-w1wb-mq2y-dfca
39
vulnerability VCID-x5x1-w7yv-eye9
40
vulnerability VCID-xw1s-93bu-wuh9
41
vulnerability VCID-y7ds-p5r2-yuhq
42
vulnerability VCID-yz6t-ge1y-qfgr
43
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.11
1
url pkg:composer/typo3/cms@9.1.0
purl pkg:composer/typo3/cms@9.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-3ugj-6m1e-e3hr
4
vulnerability VCID-3ye6-vqje-abh4
5
vulnerability VCID-4an7-9ph4-mkd4
6
vulnerability VCID-4eym-e6vt-8fbs
7
vulnerability VCID-4jck-w9ct-budk
8
vulnerability VCID-6mnf-2fcw-dqgp
9
vulnerability VCID-7ch1-q9f4-a7bt
10
vulnerability VCID-7m6u-k5tp-gkhy
11
vulnerability VCID-7xv1-78u7-xufp
12
vulnerability VCID-848u-w88s-5bbe
13
vulnerability VCID-8w4e-d49b-nbg8
14
vulnerability VCID-953t-q1cr-zyd6
15
vulnerability VCID-9adx-p876-kyb5
16
vulnerability VCID-a1g9-pyz5-9fca
17
vulnerability VCID-abjx-8v46-d7d8
18
vulnerability VCID-am6s-67bm-77dr
19
vulnerability VCID-bbh5-rss8-bfct
20
vulnerability VCID-cvk2-93hm-gkhx
21
vulnerability VCID-dsqm-9q3e-dudw
22
vulnerability VCID-e6zr-4bgg-kkh5
23
vulnerability VCID-emqq-kwjg-3kfk
24
vulnerability VCID-ev4k-5k1d-2bhu
25
vulnerability VCID-fqkx-v8t5-q3h6
26
vulnerability VCID-fut7-bb1f-37g7
27
vulnerability VCID-hp99-ncuh-6ugv
28
vulnerability VCID-j8hk-bqnb-gycp
29
vulnerability VCID-je4q-svfw-hqda
30
vulnerability VCID-jp1p-rfxa-hyd9
31
vulnerability VCID-jq5y-7h9g-mufa
32
vulnerability VCID-k5t3-28es-h3ez
33
vulnerability VCID-khpm-e1xb-hydb
34
vulnerability VCID-n1gz-y615-cbbk
35
vulnerability VCID-njsj-bwjq-fyap
36
vulnerability VCID-nney-azbc-pucg
37
vulnerability VCID-p7gd-anw2-1qbz
38
vulnerability VCID-pmvp-twk2-jqe4
39
vulnerability VCID-qv14-m93d-jyd9
40
vulnerability VCID-qxab-9uwr-yqhv
41
vulnerability VCID-rqrw-t2kj-mud8
42
vulnerability VCID-ru6w-m6q6-27gn
43
vulnerability VCID-sdjb-gp4t-vbgt
44
vulnerability VCID-sdsa-mh76-kqch
45
vulnerability VCID-tgyt-axv1-c7ag
46
vulnerability VCID-u259-2sxq-tbct
47
vulnerability VCID-uq77-aax5-k7d8
48
vulnerability VCID-vw2r-g8yy-eyf4
49
vulnerability VCID-w1wb-mq2y-dfca
50
vulnerability VCID-x5x1-w7yv-eye9
51
vulnerability VCID-xw1s-93bu-wuh9
52
vulnerability VCID-y7ds-p5r2-yuhq
53
vulnerability VCID-yz6t-ge1y-qfgr
54
vulnerability VCID-zeut-9wfp-q7et
55
vulnerability VCID-zkvq-bms4-gfcv
56
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.1.0
2
url pkg:composer/typo3/cms@9.2.0
purl pkg:composer/typo3/cms@9.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-3ugj-6m1e-e3hr
4
vulnerability VCID-3ye6-vqje-abh4
5
vulnerability VCID-4an7-9ph4-mkd4
6
vulnerability VCID-4eym-e6vt-8fbs
7
vulnerability VCID-4jck-w9ct-budk
8
vulnerability VCID-6mnf-2fcw-dqgp
9
vulnerability VCID-7ch1-q9f4-a7bt
10
vulnerability VCID-7m6u-k5tp-gkhy
11
vulnerability VCID-7xv1-78u7-xufp
12
vulnerability VCID-848u-w88s-5bbe
13
vulnerability VCID-8w4e-d49b-nbg8
14
vulnerability VCID-953t-q1cr-zyd6
15
vulnerability VCID-9adx-p876-kyb5
16
vulnerability VCID-a1g9-pyz5-9fca
17
vulnerability VCID-abjx-8v46-d7d8
18
vulnerability VCID-am6s-67bm-77dr
19
vulnerability VCID-bbh5-rss8-bfct
20
vulnerability VCID-cvk2-93hm-gkhx
21
vulnerability VCID-dsqm-9q3e-dudw
22
vulnerability VCID-e6zr-4bgg-kkh5
23
vulnerability VCID-emqq-kwjg-3kfk
24
vulnerability VCID-ev4k-5k1d-2bhu
25
vulnerability VCID-fqkx-v8t5-q3h6
26
vulnerability VCID-fut7-bb1f-37g7
27
vulnerability VCID-hp99-ncuh-6ugv
28
vulnerability VCID-j8hk-bqnb-gycp
29
vulnerability VCID-je4q-svfw-hqda
30
vulnerability VCID-jp1p-rfxa-hyd9
31
vulnerability VCID-jq5y-7h9g-mufa
32
vulnerability VCID-k5t3-28es-h3ez
33
vulnerability VCID-khpm-e1xb-hydb
34
vulnerability VCID-n1gz-y615-cbbk
35
vulnerability VCID-njsj-bwjq-fyap
36
vulnerability VCID-nney-azbc-pucg
37
vulnerability VCID-p7gd-anw2-1qbz
38
vulnerability VCID-pmvp-twk2-jqe4
39
vulnerability VCID-qv14-m93d-jyd9
40
vulnerability VCID-qxab-9uwr-yqhv
41
vulnerability VCID-rqrw-t2kj-mud8
42
vulnerability VCID-ru6w-m6q6-27gn
43
vulnerability VCID-sdjb-gp4t-vbgt
44
vulnerability VCID-sdsa-mh76-kqch
45
vulnerability VCID-tgyt-axv1-c7ag
46
vulnerability VCID-u259-2sxq-tbct
47
vulnerability VCID-uq77-aax5-k7d8
48
vulnerability VCID-vw2r-g8yy-eyf4
49
vulnerability VCID-w1wb-mq2y-dfca
50
vulnerability VCID-x5x1-w7yv-eye9
51
vulnerability VCID-xw1s-93bu-wuh9
52
vulnerability VCID-y7ds-p5r2-yuhq
53
vulnerability VCID-yz6t-ge1y-qfgr
54
vulnerability VCID-zeut-9wfp-q7et
55
vulnerability VCID-zkvq-bms4-gfcv
56
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.2.0
aliases CVE-2018-6905, GHSA-3w22-wrwx-2r75
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vq15-t92r-5bhx
38
url VCID-vw2r-g8yy-eyf4
vulnerability_id VCID-vw2r-g8yy-eyf4
summary 
Code Injection
Arbitrary Code Execution via File List Module.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-008/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-008/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.23
purl pkg:composer/typo3/cms@8.7.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-4eym-e6vt-8fbs
3
vulnerability VCID-7m6u-k5tp-gkhy
4
vulnerability VCID-848u-w88s-5bbe
5
vulnerability VCID-ev4k-5k1d-2bhu
6
vulnerability VCID-fqkx-v8t5-q3h6
7
vulnerability VCID-fut7-bb1f-37g7
8
vulnerability VCID-j8hk-bqnb-gycp
9
vulnerability VCID-jp1p-rfxa-hyd9
10
vulnerability VCID-k5t3-28es-h3ez
11
vulnerability VCID-nney-azbc-pucg
12
vulnerability VCID-p7gd-anw2-1qbz
13
vulnerability VCID-qv14-m93d-jyd9
14
vulnerability VCID-rqrw-t2kj-mud8
15
vulnerability VCID-ru6w-m6q6-27gn
16
vulnerability VCID-sdjb-gp4t-vbgt
17
vulnerability VCID-sdsa-mh76-kqch
18
vulnerability VCID-tgyt-axv1-c7ag
19
vulnerability VCID-uq77-aax5-k7d8
20
vulnerability VCID-x5x1-w7yv-eye9
21
vulnerability VCID-xw1s-93bu-wuh9
22
vulnerability VCID-y7ds-p5r2-yuhq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.23
1
url pkg:composer/typo3/cms@9.5.4
purl pkg:composer/typo3/cms@9.5.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-3ye6-vqje-abh4
4
vulnerability VCID-4an7-9ph4-mkd4
5
vulnerability VCID-4eym-e6vt-8fbs
6
vulnerability VCID-6mnf-2fcw-dqgp
7
vulnerability VCID-7m6u-k5tp-gkhy
8
vulnerability VCID-7xv1-78u7-xufp
9
vulnerability VCID-848u-w88s-5bbe
10
vulnerability VCID-8w4e-d49b-nbg8
11
vulnerability VCID-9adx-p876-kyb5
12
vulnerability VCID-a1g9-pyz5-9fca
13
vulnerability VCID-bbh5-rss8-bfct
14
vulnerability VCID-cvk2-93hm-gkhx
15
vulnerability VCID-e6zr-4bgg-kkh5
16
vulnerability VCID-ev4k-5k1d-2bhu
17
vulnerability VCID-fqkx-v8t5-q3h6
18
vulnerability VCID-fut7-bb1f-37g7
19
vulnerability VCID-j8hk-bqnb-gycp
20
vulnerability VCID-jp1p-rfxa-hyd9
21
vulnerability VCID-k5t3-28es-h3ez
22
vulnerability VCID-n1gz-y615-cbbk
23
vulnerability VCID-nney-azbc-pucg
24
vulnerability VCID-p7gd-anw2-1qbz
25
vulnerability VCID-qv14-m93d-jyd9
26
vulnerability VCID-rqrw-t2kj-mud8
27
vulnerability VCID-ru6w-m6q6-27gn
28
vulnerability VCID-sdjb-gp4t-vbgt
29
vulnerability VCID-sdsa-mh76-kqch
30
vulnerability VCID-tgyt-axv1-c7ag
31
vulnerability VCID-uq77-aax5-k7d8
32
vulnerability VCID-x5x1-w7yv-eye9
33
vulnerability VCID-xw1s-93bu-wuh9
34
vulnerability VCID-y7ds-p5r2-yuhq
35
vulnerability VCID-zeut-9wfp-q7et
36
vulnerability VCID-zkvq-bms4-gfcv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.4
aliases GMS-2019-178
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vw2r-g8yy-eyf4
39
url VCID-w1wb-mq2y-dfca
vulnerability_id VCID-w1wb-mq2y-dfca
summary Privilege Escalation & SQL Injection in TYPO3 CMS.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2018-003/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2018-003/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.17
purl pkg:composer/typo3/cms@8.7.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-3ugj-6m1e-e3hr
3
vulnerability VCID-4eym-e6vt-8fbs
4
vulnerability VCID-7ch1-q9f4-a7bt
5
vulnerability VCID-7m6u-k5tp-gkhy
6
vulnerability VCID-848u-w88s-5bbe
7
vulnerability VCID-953t-q1cr-zyd6
8
vulnerability VCID-am6s-67bm-77dr
9
vulnerability VCID-bn3p-39sv-6fdg
10
vulnerability VCID-dsqm-9q3e-dudw
11
vulnerability VCID-emqq-kwjg-3kfk
12
vulnerability VCID-ev4k-5k1d-2bhu
13
vulnerability VCID-fdnw-2tz5-4fdr
14
vulnerability VCID-fqkx-v8t5-q3h6
15
vulnerability VCID-fut7-bb1f-37g7
16
vulnerability VCID-hp99-ncuh-6ugv
17
vulnerability VCID-j8hk-bqnb-gycp
18
vulnerability VCID-jp1p-rfxa-hyd9
19
vulnerability VCID-jq5y-7h9g-mufa
20
vulnerability VCID-k5t3-28es-h3ez
21
vulnerability VCID-khpm-e1xb-hydb
22
vulnerability VCID-nney-azbc-pucg
23
vulnerability VCID-p7gd-anw2-1qbz
24
vulnerability VCID-pmvp-twk2-jqe4
25
vulnerability VCID-qv14-m93d-jyd9
26
vulnerability VCID-qxab-9uwr-yqhv
27
vulnerability VCID-rqrw-t2kj-mud8
28
vulnerability VCID-ru6w-m6q6-27gn
29
vulnerability VCID-sdjb-gp4t-vbgt
30
vulnerability VCID-sdsa-mh76-kqch
31
vulnerability VCID-tgyt-axv1-c7ag
32
vulnerability VCID-u259-2sxq-tbct
33
vulnerability VCID-uq77-aax5-k7d8
34
vulnerability VCID-vw2r-g8yy-eyf4
35
vulnerability VCID-x5x1-w7yv-eye9
36
vulnerability VCID-xw1s-93bu-wuh9
37
vulnerability VCID-y7ds-p5r2-yuhq
38
vulnerability VCID-yz6t-ge1y-qfgr
39
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.17
1
url pkg:composer/typo3/cms@9.3.2
purl pkg:composer/typo3/cms@9.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-3ugj-6m1e-e3hr
4
vulnerability VCID-3ye6-vqje-abh4
5
vulnerability VCID-4an7-9ph4-mkd4
6
vulnerability VCID-4eym-e6vt-8fbs
7
vulnerability VCID-4jck-w9ct-budk
8
vulnerability VCID-6mnf-2fcw-dqgp
9
vulnerability VCID-7ch1-q9f4-a7bt
10
vulnerability VCID-7m6u-k5tp-gkhy
11
vulnerability VCID-7xv1-78u7-xufp
12
vulnerability VCID-848u-w88s-5bbe
13
vulnerability VCID-8w4e-d49b-nbg8
14
vulnerability VCID-953t-q1cr-zyd6
15
vulnerability VCID-9adx-p876-kyb5
16
vulnerability VCID-a1g9-pyz5-9fca
17
vulnerability VCID-am6s-67bm-77dr
18
vulnerability VCID-bbh5-rss8-bfct
19
vulnerability VCID-cvk2-93hm-gkhx
20
vulnerability VCID-dsqm-9q3e-dudw
21
vulnerability VCID-e6zr-4bgg-kkh5
22
vulnerability VCID-emqq-kwjg-3kfk
23
vulnerability VCID-ev4k-5k1d-2bhu
24
vulnerability VCID-fqkx-v8t5-q3h6
25
vulnerability VCID-fut7-bb1f-37g7
26
vulnerability VCID-hp99-ncuh-6ugv
27
vulnerability VCID-j8hk-bqnb-gycp
28
vulnerability VCID-jp1p-rfxa-hyd9
29
vulnerability VCID-jq5y-7h9g-mufa
30
vulnerability VCID-k5t3-28es-h3ez
31
vulnerability VCID-khpm-e1xb-hydb
32
vulnerability VCID-n1gz-y615-cbbk
33
vulnerability VCID-nney-azbc-pucg
34
vulnerability VCID-p7gd-anw2-1qbz
35
vulnerability VCID-pmvp-twk2-jqe4
36
vulnerability VCID-qv14-m93d-jyd9
37
vulnerability VCID-qxab-9uwr-yqhv
38
vulnerability VCID-rqrw-t2kj-mud8
39
vulnerability VCID-ru6w-m6q6-27gn
40
vulnerability VCID-sdjb-gp4t-vbgt
41
vulnerability VCID-sdsa-mh76-kqch
42
vulnerability VCID-tgyt-axv1-c7ag
43
vulnerability VCID-u259-2sxq-tbct
44
vulnerability VCID-uq77-aax5-k7d8
45
vulnerability VCID-vw2r-g8yy-eyf4
46
vulnerability VCID-x5x1-w7yv-eye9
47
vulnerability VCID-xw1s-93bu-wuh9
48
vulnerability VCID-y7ds-p5r2-yuhq
49
vulnerability VCID-yz6t-ge1y-qfgr
50
vulnerability VCID-zeut-9wfp-q7et
51
vulnerability VCID-zkvq-bms4-gfcv
52
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.3.2
aliases GMS-2018-95
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w1wb-mq2y-dfca
40
url VCID-x5x1-w7yv-eye9
vulnerability_id VCID-x5x1-w7yv-eye9
summary 
Code Injection
Possible Arbitrary Code Execution in Image Processing.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-012/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-012/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.25
purl pkg:composer/typo3/cms@8.7.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-4eym-e6vt-8fbs
3
vulnerability VCID-7m6u-k5tp-gkhy
4
vulnerability VCID-848u-w88s-5bbe
5
vulnerability VCID-cbmm-1b2k-8qaz
6
vulnerability VCID-ev4k-5k1d-2bhu
7
vulnerability VCID-fqkx-v8t5-q3h6
8
vulnerability VCID-fut7-bb1f-37g7
9
vulnerability VCID-j8hk-bqnb-gycp
10
vulnerability VCID-jp1p-rfxa-hyd9
11
vulnerability VCID-nney-azbc-pucg
12
vulnerability VCID-p7gd-anw2-1qbz
13
vulnerability VCID-qv14-m93d-jyd9
14
vulnerability VCID-rqrw-t2kj-mud8
15
vulnerability VCID-sdjb-gp4t-vbgt
16
vulnerability VCID-tgyt-axv1-c7ag
17
vulnerability VCID-uq77-aax5-k7d8
18
vulnerability VCID-xw1s-93bu-wuh9
19
vulnerability VCID-y7ds-p5r2-yuhq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.25
1
url pkg:composer/typo3/cms@9.5.6
purl pkg:composer/typo3/cms@9.5.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-4an7-9ph4-mkd4
4
vulnerability VCID-4eym-e6vt-8fbs
5
vulnerability VCID-6mnf-2fcw-dqgp
6
vulnerability VCID-7m6u-k5tp-gkhy
7
vulnerability VCID-7xv1-78u7-xufp
8
vulnerability VCID-848u-w88s-5bbe
9
vulnerability VCID-8w4e-d49b-nbg8
10
vulnerability VCID-a1g9-pyz5-9fca
11
vulnerability VCID-bbh5-rss8-bfct
12
vulnerability VCID-cbmm-1b2k-8qaz
13
vulnerability VCID-cvk2-93hm-gkhx
14
vulnerability VCID-e6zr-4bgg-kkh5
15
vulnerability VCID-ev4k-5k1d-2bhu
16
vulnerability VCID-fqkx-v8t5-q3h6
17
vulnerability VCID-fut7-bb1f-37g7
18
vulnerability VCID-j8hk-bqnb-gycp
19
vulnerability VCID-jp1p-rfxa-hyd9
20
vulnerability VCID-n1gz-y615-cbbk
21
vulnerability VCID-nney-azbc-pucg
22
vulnerability VCID-p7gd-anw2-1qbz
23
vulnerability VCID-qv14-m93d-jyd9
24
vulnerability VCID-rqrw-t2kj-mud8
25
vulnerability VCID-sdjb-gp4t-vbgt
26
vulnerability VCID-tgyt-axv1-c7ag
27
vulnerability VCID-uq77-aax5-k7d8
28
vulnerability VCID-xw1s-93bu-wuh9
29
vulnerability VCID-y7ds-p5r2-yuhq
30
vulnerability VCID-zeut-9wfp-q7et
31
vulnerability VCID-zkvq-bms4-gfcv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.6
aliases GMS-2019-182
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x5x1-w7yv-eye9
41
url VCID-xw1s-93bu-wuh9
vulnerability_id VCID-xw1s-93bu-wuh9
summary 
Path Traversal
It has been discovered that the extraction of manually uploaded ZIP archives in Extension Manager is vulnerable to directory traversal. Admin privileges are required in order to exploit this vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19848
reference_id
reference_type
scores
0
value 0.00374
scoring_system epss
scoring_elements 0.59393
published_at 2026-06-04T12:55:00Z
1
value 0.00374
scoring_system epss
scoring_elements 0.59443
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19848
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-19848.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-19848.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-19848.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-19848.yaml
3
reference_url https://review.typo3.org/q/%2522Resolves:+%252388764%2522+topic:security
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.typo3.org/q/%2522Resolves:+%252388764%2522+topic:security
4
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-024
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2019-024
5
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-024/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-024/
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19848
reference_id CVE-2019-19848
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-19848
7
reference_url https://github.com/advisories/GHSA-77p4-wfr8-977w
reference_id GHSA-77p4-wfr8-977w
reference_type
scores
url https://github.com/advisories/GHSA-77p4-wfr8-977w
fixed_packages
0
url pkg:composer/typo3/cms@8.7.30
purl pkg:composer/typo3/cms@8.7.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-848u-w88s-5bbe
3
vulnerability VCID-ev4k-5k1d-2bhu
4
vulnerability VCID-fqkx-v8t5-q3h6
5
vulnerability VCID-j8hk-bqnb-gycp
6
vulnerability VCID-jp1p-rfxa-hyd9
7
vulnerability VCID-sdjb-gp4t-vbgt
8
vulnerability VCID-tgyt-axv1-c7ag
9
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.30
1
url pkg:composer/typo3/cms@9.5.12
purl pkg:composer/typo3/cms@9.5.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-4an7-9ph4-mkd4
4
vulnerability VCID-6mnf-2fcw-dqgp
5
vulnerability VCID-848u-w88s-5bbe
6
vulnerability VCID-8w4e-d49b-nbg8
7
vulnerability VCID-a1g9-pyz5-9fca
8
vulnerability VCID-bbh5-rss8-bfct
9
vulnerability VCID-bcbd-zzet-mff6
10
vulnerability VCID-e6zr-4bgg-kkh5
11
vulnerability VCID-ev4k-5k1d-2bhu
12
vulnerability VCID-fqkx-v8t5-q3h6
13
vulnerability VCID-j8hk-bqnb-gycp
14
vulnerability VCID-jp1p-rfxa-hyd9
15
vulnerability VCID-n1gz-y615-cbbk
16
vulnerability VCID-sdjb-gp4t-vbgt
17
vulnerability VCID-tgyt-axv1-c7ag
18
vulnerability VCID-uq77-aax5-k7d8
19
vulnerability VCID-zkvq-bms4-gfcv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.12
2
url pkg:composer/typo3/cms@10.2.2
purl pkg:composer/typo3/cms@10.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-2tz2-8qdm-2kcv
4
vulnerability VCID-4an7-9ph4-mkd4
5
vulnerability VCID-6mnf-2fcw-dqgp
6
vulnerability VCID-6urp-p9mn-cffv
7
vulnerability VCID-848u-w88s-5bbe
8
vulnerability VCID-8w4e-d49b-nbg8
9
vulnerability VCID-a1g9-pyz5-9fca
10
vulnerability VCID-bbh5-rss8-bfct
11
vulnerability VCID-bcbd-zzet-mff6
12
vulnerability VCID-c46m-ht19-ybc4
13
vulnerability VCID-e6zr-4bgg-kkh5
14
vulnerability VCID-ev4k-5k1d-2bhu
15
vulnerability VCID-fqkx-v8t5-q3h6
16
vulnerability VCID-j8hk-bqnb-gycp
17
vulnerability VCID-jp1p-rfxa-hyd9
18
vulnerability VCID-n1gz-y615-cbbk
19
vulnerability VCID-r3az-g422-gqf9
20
vulnerability VCID-sdjb-gp4t-vbgt
21
vulnerability VCID-tgyt-axv1-c7ag
22
vulnerability VCID-uq77-aax5-k7d8
23
vulnerability VCID-zkvq-bms4-gfcv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.2.2
aliases CVE-2019-19848, GHSA-77p4-wfr8-977w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xw1s-93bu-wuh9
42
url VCID-y7ds-p5r2-yuhq
vulnerability_id VCID-y7ds-p5r2-yuhq
summary Security Misconfiguration in Frontend Session Handling.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-018/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-018/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.27
purl pkg:composer/typo3/cms@8.7.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-848u-w88s-5bbe
3
vulnerability VCID-ev4k-5k1d-2bhu
4
vulnerability VCID-fqkx-v8t5-q3h6
5
vulnerability VCID-j8hk-bqnb-gycp
6
vulnerability VCID-jp1p-rfxa-hyd9
7
vulnerability VCID-p7gd-anw2-1qbz
8
vulnerability VCID-rqrw-t2kj-mud8
9
vulnerability VCID-sdjb-gp4t-vbgt
10
vulnerability VCID-tgyt-axv1-c7ag
11
vulnerability VCID-uq77-aax5-k7d8
12
vulnerability VCID-xw1s-93bu-wuh9
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.27
1
url pkg:composer/typo3/cms@9.5.8
purl pkg:composer/typo3/cms@9.5.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-4an7-9ph4-mkd4
4
vulnerability VCID-6mnf-2fcw-dqgp
5
vulnerability VCID-848u-w88s-5bbe
6
vulnerability VCID-8w4e-d49b-nbg8
7
vulnerability VCID-a1g9-pyz5-9fca
8
vulnerability VCID-bbh5-rss8-bfct
9
vulnerability VCID-e6zr-4bgg-kkh5
10
vulnerability VCID-ev4k-5k1d-2bhu
11
vulnerability VCID-fqkx-v8t5-q3h6
12
vulnerability VCID-j8hk-bqnb-gycp
13
vulnerability VCID-jp1p-rfxa-hyd9
14
vulnerability VCID-n1gz-y615-cbbk
15
vulnerability VCID-p7gd-anw2-1qbz
16
vulnerability VCID-rqrw-t2kj-mud8
17
vulnerability VCID-sdjb-gp4t-vbgt
18
vulnerability VCID-tgyt-axv1-c7ag
19
vulnerability VCID-uq77-aax5-k7d8
20
vulnerability VCID-xw1s-93bu-wuh9
21
vulnerability VCID-zkvq-bms4-gfcv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.8
aliases GMS-2019-187
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y7ds-p5r2-yuhq
43
url VCID-yz6t-ge1y-qfgr
vulnerability_id VCID-yz6t-ge1y-qfgr
summary Security Misconfiguration in Install Tool Cookie.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2018-009/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2018-009/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.21
purl pkg:composer/typo3/cms@8.7.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-4eym-e6vt-8fbs
3
vulnerability VCID-7m6u-k5tp-gkhy
4
vulnerability VCID-848u-w88s-5bbe
5
vulnerability VCID-am6s-67bm-77dr
6
vulnerability VCID-bn3p-39sv-6fdg
7
vulnerability VCID-ev4k-5k1d-2bhu
8
vulnerability VCID-fqkx-v8t5-q3h6
9
vulnerability VCID-fut7-bb1f-37g7
10
vulnerability VCID-j8hk-bqnb-gycp
11
vulnerability VCID-jp1p-rfxa-hyd9
12
vulnerability VCID-k5t3-28es-h3ez
13
vulnerability VCID-khpm-e1xb-hydb
14
vulnerability VCID-nney-azbc-pucg
15
vulnerability VCID-p7gd-anw2-1qbz
16
vulnerability VCID-pmvp-twk2-jqe4
17
vulnerability VCID-qv14-m93d-jyd9
18
vulnerability VCID-rqrw-t2kj-mud8
19
vulnerability VCID-ru6w-m6q6-27gn
20
vulnerability VCID-sdjb-gp4t-vbgt
21
vulnerability VCID-sdsa-mh76-kqch
22
vulnerability VCID-tgyt-axv1-c7ag
23
vulnerability VCID-u259-2sxq-tbct
24
vulnerability VCID-uq77-aax5-k7d8
25
vulnerability VCID-vw2r-g8yy-eyf4
26
vulnerability VCID-x5x1-w7yv-eye9
27
vulnerability VCID-xw1s-93bu-wuh9
28
vulnerability VCID-y7ds-p5r2-yuhq
29
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21
1
url pkg:composer/typo3/cms@9.5.2
purl pkg:composer/typo3/cms@9.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-3ye6-vqje-abh4
4
vulnerability VCID-4an7-9ph4-mkd4
5
vulnerability VCID-4eym-e6vt-8fbs
6
vulnerability VCID-4jck-w9ct-budk
7
vulnerability VCID-6mnf-2fcw-dqgp
8
vulnerability VCID-7m6u-k5tp-gkhy
9
vulnerability VCID-7xv1-78u7-xufp
10
vulnerability VCID-848u-w88s-5bbe
11
vulnerability VCID-8w4e-d49b-nbg8
12
vulnerability VCID-9adx-p876-kyb5
13
vulnerability VCID-a1g9-pyz5-9fca
14
vulnerability VCID-am6s-67bm-77dr
15
vulnerability VCID-bbh5-rss8-bfct
16
vulnerability VCID-cvk2-93hm-gkhx
17
vulnerability VCID-e6zr-4bgg-kkh5
18
vulnerability VCID-ev4k-5k1d-2bhu
19
vulnerability VCID-fqkx-v8t5-q3h6
20
vulnerability VCID-fut7-bb1f-37g7
21
vulnerability VCID-j8hk-bqnb-gycp
22
vulnerability VCID-jp1p-rfxa-hyd9
23
vulnerability VCID-k5t3-28es-h3ez
24
vulnerability VCID-khpm-e1xb-hydb
25
vulnerability VCID-n1gz-y615-cbbk
26
vulnerability VCID-nney-azbc-pucg
27
vulnerability VCID-p7gd-anw2-1qbz
28
vulnerability VCID-pmvp-twk2-jqe4
29
vulnerability VCID-qv14-m93d-jyd9
30
vulnerability VCID-rqrw-t2kj-mud8
31
vulnerability VCID-ru6w-m6q6-27gn
32
vulnerability VCID-sdjb-gp4t-vbgt
33
vulnerability VCID-sdsa-mh76-kqch
34
vulnerability VCID-tgyt-axv1-c7ag
35
vulnerability VCID-u259-2sxq-tbct
36
vulnerability VCID-uq77-aax5-k7d8
37
vulnerability VCID-vw2r-g8yy-eyf4
38
vulnerability VCID-x5x1-w7yv-eye9
39
vulnerability VCID-xw1s-93bu-wuh9
40
vulnerability VCID-y7ds-p5r2-yuhq
41
vulnerability VCID-zeut-9wfp-q7et
42
vulnerability VCID-zkvq-bms4-gfcv
43
vulnerability VCID-zmwv-gwq3-fkej
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2
aliases GMS-2018-100
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yz6t-ge1y-qfgr
44
url VCID-zmwv-gwq3-fkej
vulnerability_id VCID-zmwv-gwq3-fkej
summary 
Cross-site Scripting
Cross-Site Scripting in Form Framework.
references
0
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-007/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-007/
fixed_packages
0
url pkg:composer/typo3/cms@8.7.23
purl pkg:composer/typo3/cms@8.7.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-4eym-e6vt-8fbs
3
vulnerability VCID-7m6u-k5tp-gkhy
4
vulnerability VCID-848u-w88s-5bbe
5
vulnerability VCID-ev4k-5k1d-2bhu
6
vulnerability VCID-fqkx-v8t5-q3h6
7
vulnerability VCID-fut7-bb1f-37g7
8
vulnerability VCID-j8hk-bqnb-gycp
9
vulnerability VCID-jp1p-rfxa-hyd9
10
vulnerability VCID-k5t3-28es-h3ez
11
vulnerability VCID-nney-azbc-pucg
12
vulnerability VCID-p7gd-anw2-1qbz
13
vulnerability VCID-qv14-m93d-jyd9
14
vulnerability VCID-rqrw-t2kj-mud8
15
vulnerability VCID-ru6w-m6q6-27gn
16
vulnerability VCID-sdjb-gp4t-vbgt
17
vulnerability VCID-sdsa-mh76-kqch
18
vulnerability VCID-tgyt-axv1-c7ag
19
vulnerability VCID-uq77-aax5-k7d8
20
vulnerability VCID-x5x1-w7yv-eye9
21
vulnerability VCID-xw1s-93bu-wuh9
22
vulnerability VCID-y7ds-p5r2-yuhq
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.23
1
url pkg:composer/typo3/cms@9.5.4
purl pkg:composer/typo3/cms@9.5.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ffs-9vj5-27hk
1
vulnerability VCID-1sfk-z8py-ykb8
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-3ye6-vqje-abh4
4
vulnerability VCID-4an7-9ph4-mkd4
5
vulnerability VCID-4eym-e6vt-8fbs
6
vulnerability VCID-6mnf-2fcw-dqgp
7
vulnerability VCID-7m6u-k5tp-gkhy
8
vulnerability VCID-7xv1-78u7-xufp
9
vulnerability VCID-848u-w88s-5bbe
10
vulnerability VCID-8w4e-d49b-nbg8
11
vulnerability VCID-9adx-p876-kyb5
12
vulnerability VCID-a1g9-pyz5-9fca
13
vulnerability VCID-bbh5-rss8-bfct
14
vulnerability VCID-cvk2-93hm-gkhx
15
vulnerability VCID-e6zr-4bgg-kkh5
16
vulnerability VCID-ev4k-5k1d-2bhu
17
vulnerability VCID-fqkx-v8t5-q3h6
18
vulnerability VCID-fut7-bb1f-37g7
19
vulnerability VCID-j8hk-bqnb-gycp
20
vulnerability VCID-jp1p-rfxa-hyd9
21
vulnerability VCID-k5t3-28es-h3ez
22
vulnerability VCID-n1gz-y615-cbbk
23
vulnerability VCID-nney-azbc-pucg
24
vulnerability VCID-p7gd-anw2-1qbz
25
vulnerability VCID-qv14-m93d-jyd9
26
vulnerability VCID-rqrw-t2kj-mud8
27
vulnerability VCID-ru6w-m6q6-27gn
28
vulnerability VCID-sdjb-gp4t-vbgt
29
vulnerability VCID-sdsa-mh76-kqch
30
vulnerability VCID-tgyt-axv1-c7ag
31
vulnerability VCID-uq77-aax5-k7d8
32
vulnerability VCID-x5x1-w7yv-eye9
33
vulnerability VCID-xw1s-93bu-wuh9
34
vulnerability VCID-y7ds-p5r2-yuhq
35
vulnerability VCID-zeut-9wfp-q7et
36
vulnerability VCID-zkvq-bms4-gfcv
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.4
aliases GMS-2019-177
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zmwv-gwq3-fkej
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.6