Package Instance

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://typo3.org/security/advisory/typo3-core-sa-2011-001/#XSS

reference_url

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://typo3.org/security/advisory/typo3-core-sa-2011-001/#XSS

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3::::::::
reference_id	cpe:2.3:a:typo3:typo3::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-4630

reference_id

CVE-2011-4630

reference_type

scores

value	3.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:N/I:P/A:N

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2011-4630

reference_url

https://security-tracker.debian.org/tracker/CVE-2011-4630

reference_id

CVE-2011-4630

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security-tracker.debian.org/tracker/CVE-2011-4630

reference_url

https://github.com/advisories/GHSA-29wr-24h5-95r5

reference_id

GHSA-29wr-24h5-95r5

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-29wr-24h5-95r5

fixed_packages

url	pkg:composer/typo3/cms@4.4.9
purl	pkg:composer/typo3/cms@4.4.9
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.4.9

url	pkg:composer/typo3/cms@4.5.4
purl	pkg:composer/typo3/cms@4.5.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.5.4

aliases CVE-2011-4630, GHSA-29wr-24h5-95r5

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2zuf-yf2d-t3hg

url VCID-57cn-dmzh-4kdq

vulnerability_id VCID-57cn-dmzh-4kdq

summary

Typo3 Exception Handler XSS
Cross-site scripting (XSS) vulnerability in the Exception Handler in TYPO3 4.4.x before 4.4.15, 4.5.x before 4.5.15, 4.6.x before 4.6.8, and 4.7 allows remote attackers to inject arbitrary web script or HTML via exception messages.

references

reference_url

http://lists.typo3.org/pipermail/typo3-announce/2012/000241.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.typo3.org/pipermail/typo3-announce/2012/000241.html

reference_url

http://lists.typo3.org/pipermail/typo3-announce/2012/000242.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.typo3.org/pipermail/typo3-announce/2012/000242.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-2112

reference_id

reference_type

scores

value	0.00503
scoring_system	epss
scoring_elements	0.66131
published_at	2026-04-21T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.6609
published_at	2026-04-04T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.66056
published_at	2026-04-07T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.66105
published_at	2026-04-08T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.66118
published_at	2026-04-09T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.66137
published_at	2026-04-11T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.66124
published_at	2026-04-12T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.66094
published_at	2026-04-13T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.6613
published_at	2026-04-16T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.66143
published_at	2026-04-18T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.6602
published_at	2026-04-01T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.66062
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-2112

reference_url

https://exchange.xforce.ibmcloud.com/vulnerabilities/74920

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://exchange.xforce.ibmcloud.com/vulnerabilities/74920

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-2112

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2012-2112

reference_url

https://web.archive.org/web/20120421201555/http://www.securityfocus.com/bid/53047

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20120421201555/http://www.securityfocus.com/bid/53047

reference_url

http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-002

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-002

reference_url	http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-002/
reference_id
reference_type
scores
url	http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-002/

reference_url

http://www.debian.org/security/2012/dsa-2455

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.debian.org/security/2012/dsa-2455

reference_url

http://www.openwall.com/lists/oss-security/2012/04/17/5

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2012/04/17/5

reference_url

http://www.openwall.com/lists/oss-security/2012/04/18/1

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2012/04/18/1

reference_url	http://www.securityfocus.com/bid/53047
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/53047

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.0:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.1:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.10:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.11:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.12:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.13:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.14:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.2:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.3:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.4:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.5:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.6:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.7:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.8:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.9:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.0:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.1:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.10:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.11:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.12:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.13:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.14:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.2:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.3:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.4:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.5:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.6:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.7:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.8:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.9:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.0:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.1:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.2:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.3:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.4:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.5:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.6:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.7:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.7:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.7:::::::*

reference_url

https://github.com/advisories/GHSA-qfr3-29w6-hwpg

reference_id

GHSA-qfr3-29w6-hwpg

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-qfr3-29w6-hwpg

fixed_packages

url	pkg:composer/typo3/cms@4.4.15
purl	pkg:composer/typo3/cms@4.4.15
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.4.15

url	pkg:composer/typo3/cms@4.5.15
purl	pkg:composer/typo3/cms@4.5.15
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.5.15

url	pkg:composer/typo3/cms@4.6.8
purl	pkg:composer/typo3/cms@4.6.8
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.6.8

aliases CVE-2012-2112, GHSA-qfr3-29w6-hwpg

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-57cn-dmzh-4kdq

url VCID-5arh-exf5-zub1

vulnerability_id VCID-5arh-exf5-zub1

summary

TYPO3 SQL Injection vulnerability
SQL injection vulnerability in the list module in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via unspecified vectors.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-5103

reference_id

reference_type

scores

value	0.00652
scoring_system	epss
scoring_elements	0.70849
published_at	2026-04-04T12:55:00Z

value	0.00652
scoring_system	epss
scoring_elements	0.70908
published_at	2026-04-21T12:55:00Z

value	0.00652
scoring_system	epss
scoring_elements	0.70928
published_at	2026-04-18T12:55:00Z

value	0.00652
scoring_system	epss
scoring_elements	0.70921
published_at	2026-04-16T12:55:00Z

value	0.00652
scoring_system	epss
scoring_elements	0.70875
published_at	2026-04-13T12:55:00Z

value	0.00652
scoring_system	epss
scoring_elements	0.70891
published_at	2026-04-12T12:55:00Z

value	0.00652
scoring_system	epss
scoring_elements	0.70906
published_at	2026-04-11T12:55:00Z

value	0.00652
scoring_system	epss
scoring_elements	0.70883
published_at	2026-04-09T12:55:00Z

value	0.00652
scoring_system	epss
scoring_elements	0.70824
published_at	2026-04-07T12:55:00Z

value	0.00652
scoring_system	epss
scoring_elements	0.70816
published_at	2026-04-01T12:55:00Z

value	0.00652
scoring_system	epss
scoring_elements	0.70831
published_at	2026-04-02T12:55:00Z

value	0.00652
scoring_system	epss
scoring_elements	0.70868
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-5103

reference_url

https://exchange.xforce.ibmcloud.com/vulnerabilities/64184

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://exchange.xforce.ibmcloud.com/vulnerabilities/64184

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2010-5103

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2010-5103

reference_url

https://web.archive.org/web/20120123102224/http://www.securityfocus.com/bid/45470

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20120123102224/http://www.securityfocus.com/bid/45470

reference_url

https://web.archive.org/web/20120801235059/http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20120801235059/http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022

reference_url

http://www.openwall.com/lists/oss-security/2011/01/13/2

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2011/01/13/2

reference_url

http://www.openwall.com/lists/oss-security/2012/05/10/7

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2012/05/10/7

reference_url

http://www.openwall.com/lists/oss-security/2012/05/11/3

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2012/05/11/3

reference_url

http://www.openwall.com/lists/oss-security/2012/05/12/5

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2012/05/12/5

reference_url

https://github.com/advisories/GHSA-r2w2-2r2x-fpcx

reference_id

GHSA-r2w2-2r2x-fpcx

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-r2w2-2r2x-fpcx

fixed_packages

url	pkg:composer/typo3/cms@4.4.5
purl	pkg:composer/typo3/cms@4.4.5
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.4.5

aliases CVE-2010-5103, GHSA-r2w2-2r2x-fpcx

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5arh-exf5-zub1

url VCID-88ng-ph1q-cybw

vulnerability_id VCID-88ng-ph1q-cybw

summary

Improper Input Validation
The t3lib_div::RemoveXSS API method in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allows remote attackers to bypass the cross-site scripting (XSS) protection mechanism and inject arbitrary web script or HTML via non printable characters.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-1608

reference_id

reference_type

scores

value	0.00678
scoring_system	epss
scoring_elements	0.71538
published_at	2026-04-21T12:55:00Z

value	0.00678
scoring_system	epss
scoring_elements	0.71507
published_at	2026-04-08T12:55:00Z

value	0.00678
scoring_system	epss
scoring_elements	0.7152
published_at	2026-04-09T12:55:00Z

value	0.00678
scoring_system	epss
scoring_elements	0.71542
published_at	2026-04-11T12:55:00Z

value	0.00678
scoring_system	epss
scoring_elements	0.71527
published_at	2026-04-12T12:55:00Z

value	0.00678
scoring_system	epss
scoring_elements	0.71508
published_at	2026-04-13T12:55:00Z

value	0.00678
scoring_system	epss
scoring_elements	0.71555
published_at	2026-04-16T12:55:00Z

value	0.00678
scoring_system	epss
scoring_elements	0.7156
published_at	2026-04-18T12:55:00Z

value	0.00678
scoring_system	epss
scoring_elements	0.7147
published_at	2026-04-01T12:55:00Z

value	0.00678
scoring_system	epss
scoring_elements	0.71477
published_at	2026-04-02T12:55:00Z

value	0.00678
scoring_system	epss
scoring_elements	0.71494
published_at	2026-04-04T12:55:00Z

value	0.00678
scoring_system	epss
scoring_elements	0.71467
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-1608

reference_url	http://secunia.com/advisories/48647
reference_id
reference_type
scores
url	http://secunia.com/advisories/48647

reference_url

https://web.archive.org/web/20120527123559/http://www.securityfocus.com/bid/52771

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20120527123559/http://www.securityfocus.com/bid/52771

reference_url

http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001

reference_url	http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/
reference_id
reference_type
scores
url	http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2012/03/30/4

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2012/03/30/4

reference_url	http://www.osvdb.org/80762
reference_id
reference_type
scores
url	http://www.osvdb.org/80762

reference_url	http://www.securityfocus.com/bid/52771
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/52771

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.0:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.1:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.10:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.11:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.12:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.13:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.2:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.3:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.4:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.5:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.6:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.7:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.8:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.9:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.0:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.1:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.10:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.11:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.12:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.13:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.2:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.3:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.4:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.5:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.6:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.7:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.8:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.9:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.0:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.1:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.2:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.3:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.4:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.5:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.6:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.7:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:6.0:::::::*
reference_id	cpe:2.3:a:typo3:typo3:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:6.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-1608

reference_id

CVE-2012-1608

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2012-1608

reference_url

https://github.com/advisories/GHSA-w3v6-r62r-fvqh

reference_id

GHSA-w3v6-r62r-fvqh

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-w3v6-r62r-fvqh

fixed_packages

url	pkg:composer/typo3/cms@4.4.14
purl	pkg:composer/typo3/cms@4.4.14
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.4.14

url	pkg:composer/typo3/cms@4.5.14
purl	pkg:composer/typo3/cms@4.5.14
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.5.14

url	pkg:composer/typo3/cms@4.6.7
purl	pkg:composer/typo3/cms@4.6.7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.6.7

aliases CVE-2012-1608, GHSA-w3v6-r62r-fvqh

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-88ng-ph1q-cybw

url VCID-93v3-exum-5qf5

vulnerability_id VCID-93v3-exum-5qf5

summary

Improper Authentication
TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to bypass authentication mechanisms in the backend through a crafted request.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-4628

reference_id

reference_type

scores

value	0.0071
scoring_system	epss
scoring_elements	0.72261
published_at	2026-04-21T12:55:00Z

value	0.0071
scoring_system	epss
scoring_elements	0.72184
published_at	2026-04-02T12:55:00Z

value	0.0071
scoring_system	epss
scoring_elements	0.72205
published_at	2026-04-04T12:55:00Z

value	0.0071
scoring_system	epss
scoring_elements	0.7218
published_at	2026-04-07T12:55:00Z

value	0.0071
scoring_system	epss
scoring_elements	0.72217
published_at	2026-04-08T12:55:00Z

value	0.0071
scoring_system	epss
scoring_elements	0.72229
published_at	2026-04-09T12:55:00Z

value	0.0071
scoring_system	epss
scoring_elements	0.72252
published_at	2026-04-11T12:55:00Z

value	0.0071
scoring_system	epss
scoring_elements	0.72235
published_at	2026-04-12T12:55:00Z

value	0.0071
scoring_system	epss
scoring_elements	0.72222
published_at	2026-04-13T12:55:00Z

value	0.0071
scoring_system	epss
scoring_elements	0.72265
published_at	2026-04-16T12:55:00Z

value	0.0071
scoring_system	epss
scoring_elements	0.72274
published_at	2026-04-18T12:55:00Z

value	0.0071
scoring_system	epss
scoring_elements	0.72179
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-4628

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://typo3.org/security/advisory/typo3-core-sa-2011-001/#Authentication_Delay_Bypass

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://typo3.org/security/advisory/typo3-core-sa-2011-001/#Authentication_Delay_Bypass

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3::::::::
reference_id	cpe:2.3:a:typo3:typo3::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-4628

reference_id

CVE-2011-4628

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2011-4628

reference_url

https://security-tracker.debian.org/tracker/CVE-2011-4628

reference_id

CVE-2011-4628

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security-tracker.debian.org/tracker/CVE-2011-4628

reference_url

https://github.com/advisories/GHSA-79gv-5cgx-x6rx

reference_id

GHSA-79gv-5cgx-x6rx

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-79gv-5cgx-x6rx

fixed_packages

url	pkg:composer/typo3/cms@4.4.9
purl	pkg:composer/typo3/cms@4.4.9
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.4.9

url	pkg:composer/typo3/cms@4.5.4
purl	pkg:composer/typo3/cms@4.5.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.5.4

aliases CVE-2011-4628, GHSA-79gv-5cgx-x6rx

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-93v3-exum-5qf5

url VCID-enht-zcrt-mbe6

vulnerability_id VCID-enht-zcrt-mbe6

summary

TYPO3 Path Traversal vulnerability
The fileDenyPattern functionality in the PHP file inclusion protection API in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 does not properly filter file types, which allows remote attackers to bypass intended access restrictions and access arbitrary PHP files, as demonstrated using path traversal sequences with %00 null bytes and CVE-2010-3714 to read the TYPO3 encryption key from localconf.php.

references

reference_url

http://blog.nibblesec.org/2010/12/typo3-sa-2010-020-typo3-sa-2010-022.html

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://blog.nibblesec.org/2010/12/typo3-sa-2010-020-typo3-sa-2010-022.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-5099

reference_id

reference_type

scores

value	0.05249
scoring_system	epss
scoring_elements	0.89995
published_at	2026-04-21T12:55:00Z

value	0.05957
scoring_system	epss
scoring_elements	0.90646
published_at	2026-04-13T12:55:00Z

value	0.05957
scoring_system	epss
scoring_elements	0.90652
published_at	2026-04-12T12:55:00Z

value	0.05957
scoring_system	epss
scoring_elements	0.90643
published_at	2026-04-09T12:55:00Z

value	0.05957
scoring_system	epss
scoring_elements	0.90605
published_at	2026-04-01T12:55:00Z

value	0.05957
scoring_system	epss
scoring_elements	0.90664
published_at	2026-04-18T12:55:00Z

value	0.05957
scoring_system	epss
scoring_elements	0.90666
published_at	2026-04-16T12:55:00Z

value	0.05957
scoring_system	epss
scoring_elements	0.90637
published_at	2026-04-08T12:55:00Z

value	0.05957
scoring_system	epss
scoring_elements	0.90626
published_at	2026-04-07T12:55:00Z

value	0.05957
scoring_system	epss
scoring_elements	0.90618
published_at	2026-04-04T12:55:00Z

value	0.05957
scoring_system	epss
scoring_elements	0.90608
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-5099

reference_url

https://exchange.xforce.ibmcloud.com/vulnerabilities/64180

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://exchange.xforce.ibmcloud.com/vulnerabilities/64180

reference_url

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20120801235059/http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022

reference_url

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20120801235059/http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022

reference_url

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2011/01/13/2

reference_url

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2011/01/13/2

reference_url

http://www.openwall.com/lists/oss-security/2012/05/10/7

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2012/05/10/7

reference_url

http://www.openwall.com/lists/oss-security/2012/05/11/3

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2012/05/11/3

reference_url

http://www.openwall.com/lists/oss-security/2012/05/12/5

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2012/05/12/5

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-5099

reference_id

CVE-2010-5099

reference_type

scores

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2010-5099

reference_url

https://github.com/advisories/GHSA-66j3-66cp-6c2m

reference_id

GHSA-66j3-66cp-6c2m

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-66j3-66cp-6c2m

fixed_packages

url	pkg:composer/typo3/cms@4.4.5
purl	pkg:composer/typo3/cms@4.4.5
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.4.5

aliases CVE-2010-5099, GHSA-66j3-66cp-6c2m

risk_score 10.0

exploitability 2.0

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-enht-zcrt-mbe6

url VCID-fprf-zjud-8fcv

vulnerability_id VCID-fprf-zjud-8fcv

summary

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Backend component in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allow remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors.

references

reference_url	http://osvdb.org/80760
reference_id
reference_type
scores
url	http://osvdb.org/80760

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-1606

reference_id

reference_type

scores

value	0.00287
scoring_system	epss
scoring_elements	0.52176
published_at	2026-04-21T12:55:00Z

value	0.00287
scoring_system	epss
scoring_elements	0.52135
published_at	2026-04-08T12:55:00Z

value	0.00287
scoring_system	epss
scoring_elements	0.52131
published_at	2026-04-09T12:55:00Z

value	0.00287
scoring_system	epss
scoring_elements	0.52182
published_at	2026-04-11T12:55:00Z

value	0.00287
scoring_system	epss
scoring_elements	0.52166
published_at	2026-04-12T12:55:00Z

value	0.00287
scoring_system	epss
scoring_elements	0.5215
published_at	2026-04-13T12:55:00Z

value	0.00287
scoring_system	epss
scoring_elements	0.52191
published_at	2026-04-16T12:55:00Z

value	0.00287
scoring_system	epss
scoring_elements	0.52194
published_at	2026-04-18T12:55:00Z

value	0.00287
scoring_system	epss
scoring_elements	0.52042
published_at	2026-04-01T12:55:00Z

value	0.00287
scoring_system	epss
scoring_elements	0.5209
published_at	2026-04-02T12:55:00Z

value	0.00287
scoring_system	epss
scoring_elements	0.52117
published_at	2026-04-04T12:55:00Z

value	0.00287
scoring_system	epss
scoring_elements	0.52081
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-1606

reference_url	http://secunia.com/advisories/48622
reference_id
reference_type
scores
url	http://secunia.com/advisories/48622

reference_url	http://secunia.com/advisories/48647
reference_id
reference_type
scores
url	http://secunia.com/advisories/48647

reference_url

https://web.archive.org/web/20120527123559/http://www.securityfocus.com/bid/52771

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20120527123559/http://www.securityfocus.com/bid/52771

reference_url

http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001

reference_url	http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/
reference_id
reference_type
scores
url	http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/

reference_url

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2012/03/30/4

reference_url

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2012/03/30/4

reference_url	http://www.securityfocus.com/bid/52771
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/52771

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.0:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.1:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.10:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.11:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.12:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.13:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.2:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.3:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.4:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.5:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.6:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.7:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.8:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.9:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.0:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.1:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.10:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.11:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.12:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.13:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.2:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.3:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.4:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.5:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.6:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.7:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.8:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.9:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.5.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.5.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.0:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.1:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.2:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.3:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.4:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.5:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.6:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.7:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:6.0:::::::*
reference_id	cpe:2.3:a:typo3:typo3:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:6.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-1606

reference_id

CVE-2012-1606

reference_type

scores

value	3.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:N/I:P/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2012-1606

reference_url

https://github.com/advisories/GHSA-7wwr-p84q-qr3q

reference_id

GHSA-7wwr-p84q-qr3q

reference_type

scores

value	LOW
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-7wwr-p84q-qr3q

fixed_packages

url	pkg:composer/typo3/cms@4.4.14
purl	pkg:composer/typo3/cms@4.4.14
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.4.14

url	pkg:composer/typo3/cms@4.5.14
purl	pkg:composer/typo3/cms@4.5.14
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.5.14

url	pkg:composer/typo3/cms@4.6.7
purl	pkg:composer/typo3/cms@4.6.7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.6.7

aliases CVE-2012-1606, GHSA-7wwr-p84q-qr3q

risk_score 1.6

exploitability 0.5

weighted_severity 3.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fprf-zjud-8fcv

url VCID-fv74-gq28-rkd5

vulnerability_id VCID-fv74-gq28-rkd5

summary

Typo3 Extbase Framework Unsafe Deserialization
The Extbase Framework in TYPO3 4.6.x through 4.6.6, 4.7, and 6.0 unserializes untrusted data, which allows remote attackers to unserialize arbitrary objects and possibly execute arbitrary code via vectors related to "a missing signature (HMAC) for a request argument."

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-1605

reference_id

reference_type

scores

value	0.0094
scoring_system	epss
scoring_elements	0.7626
published_at	2026-04-21T12:55:00Z

value	0.0094
scoring_system	epss
scoring_elements	0.7622
published_at	2026-04-08T12:55:00Z

value	0.0094
scoring_system	epss
scoring_elements	0.76233
published_at	2026-04-13T12:55:00Z

value	0.0094
scoring_system	epss
scoring_elements	0.76259
published_at	2026-04-11T12:55:00Z

value	0.0094
scoring_system	epss
scoring_elements	0.76236
published_at	2026-04-12T12:55:00Z

value	0.0094
scoring_system	epss
scoring_elements	0.76274
published_at	2026-04-16T12:55:00Z

value	0.0094
scoring_system	epss
scoring_elements	0.76278
published_at	2026-04-18T12:55:00Z

value	0.0094
scoring_system	epss
scoring_elements	0.7617
published_at	2026-04-01T12:55:00Z

value	0.0094
scoring_system	epss
scoring_elements	0.76175
published_at	2026-04-02T12:55:00Z

value	0.0094
scoring_system	epss
scoring_elements	0.76208
published_at	2026-04-04T12:55:00Z

value	0.0094
scoring_system	epss
scoring_elements	0.76188
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-1605

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-1605

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2012-1605

reference_url

https://web.archive.org/web/20120527123559/http://www.securityfocus.com/bid/52771

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20120527123559/http://www.securityfocus.com/bid/52771

reference_url

http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001

reference_url	http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/
reference_id
reference_type
scores
url	http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/

reference_url

http://www.openwall.com/lists/oss-security/2012/03/30/4

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2012/03/30/4

reference_url	http://www.osvdb.org/80759
reference_id
reference_type
scores
url	http://www.osvdb.org/80759

reference_url	http://www.securityfocus.com/bid/52771
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/52771

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.0:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.1:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.2:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.3:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.4:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.5:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.6:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.6.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.6.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.7:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:6.0:::::::*
reference_id	cpe:2.3:a:typo3:typo3:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:6.0:::::::*

reference_url

https://github.com/advisories/GHSA-7jfm-px59-99w8

reference_id

GHSA-7jfm-px59-99w8

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-7jfm-px59-99w8

fixed_packages

url	pkg:composer/typo3/cms@4.4.14
purl	pkg:composer/typo3/cms@4.4.14
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.4.14

url	pkg:composer/typo3/cms@4.5.14
purl	pkg:composer/typo3/cms@4.5.14
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.5.14

url	pkg:composer/typo3/cms@4.6.7
purl	pkg:composer/typo3/cms@4.6.7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.6.7

aliases CVE-2012-1605, GHSA-7jfm-px59-99w8

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fv74-gq28-rkd5

url VCID-jbu9-bp56-rkgw

vulnerability_id VCID-jbu9-bp56-rkgw

summary

TYPO3 Remote File Disclosure vulnerability in the jumpUrl mechanism
The jumpUrl (aka access tracking) implementation in `tslib/class.tslib_fe.php` in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 does not properly compare certain hash values during access-control decisions, which allows remote attackers to read arbitrary files via unspecified vectors.

references

reference_url

http://blog.nibblesec.org/2010/12/typo3-sa-2010-020-typo3-sa-2010-022.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://blog.nibblesec.org/2010/12/typo3-sa-2010-020-typo3-sa-2010-022.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-3714

reference_id

reference_type

scores

value	0.35507
scoring_system	epss
scoring_elements	0.97074
published_at	2026-04-21T12:55:00Z

value	0.35507
scoring_system	epss
scoring_elements	0.9707
published_at	2026-04-18T12:55:00Z

value	0.35507
scoring_system	epss
scoring_elements	0.97067
published_at	2026-04-16T12:55:00Z

value	0.35507
scoring_system	epss
scoring_elements	0.97056
published_at	2026-04-13T12:55:00Z

value	0.35507
scoring_system	epss
scoring_elements	0.97055
published_at	2026-04-12T12:55:00Z

value	0.35507
scoring_system	epss
scoring_elements	0.97052
published_at	2026-04-09T12:55:00Z

value	0.35507
scoring_system	epss
scoring_elements	0.97051
published_at	2026-04-08T12:55:00Z

value	0.35507
scoring_system	epss
scoring_elements	0.97041
published_at	2026-04-07T12:55:00Z

value	0.35507
scoring_system	epss
scoring_elements	0.9703
published_at	2026-04-01T12:55:00Z

value	0.35507
scoring_system	epss
scoring_elements	0.97037
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-3714

reference_url

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/TYPO3/typo3/commit/687b671c765eac10ffb764547bb403ac3ef55620

reference_url

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/TYPO3/typo3/commit/687b671c765eac10ffb764547bb403ac3ef55620

reference_url

https://github.com/TYPO3/typo3/commit/a8ccd387cafd2c2c338fc29109c16418f7657229

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/TYPO3/typo3/commit/a8ccd387cafd2c2c338fc29109c16418f7657229

reference_url

https://github.com/TYPO3/typo3/commit/d95f06f633fd2c289b544f6d5907b789eae6cccb

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/TYPO3/typo3/commit/d95f06f633fd2c289b544f6d5907b789eae6cccb

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-3714

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:C/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2010-3714

reference_url

https://web.archive.org/web/20111220151231/http://www.securityfocus.com/bid/43786

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20111220151231/http://www.securityfocus.com/bid/43786

reference_url

http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-020

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-020

reference_url	http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-020/
reference_id
reference_type
scores
url	http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-020/

reference_url

http://www.debian.org/security/2010/dsa-2121

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.debian.org/security/2010/dsa-2121

reference_url

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-w736-qv86-vq94

reference_url	http://www.securityfocus.com/bid/43786
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/43786

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.0:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.1:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.10:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.2.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.11:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.2.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.12:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.2.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.13:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.2.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.14:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.2.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.2:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.3:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.4:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.2.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.5:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.2.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.6:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.2.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.7:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.2.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.8:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.2.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.9:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.2.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.0:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.1:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.2:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.3:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.4:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.3.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.5:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.3.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.6:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.3.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.1:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.2:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.3:::::::*
reference_id	cpe:2.3:a:typo3:typo3:4.4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.3:::::::*

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/15856.php
reference_id	CVE-2012-2344;OSVDB-70121;CVE-2010-5099;CVE-2010-3714;OSVDB-68590
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/15856.php

reference_url

reference_id

GHSA-w736-qv86-vq94

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-w736-qv86-vq94

fixed_packages

url	pkg:composer/typo3/cms@4.4.4
purl	pkg:composer/typo3/cms@4.4.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.4.4

aliases CVE-2010-3714, GHSA-w736-qv86-vq94

risk_score 10.0

exploitability 2.0

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jbu9-bp56-rkgw

url VCID-jk5g-64sn-ffgx

vulnerability_id VCID-jk5g-64sn-ffgx

summary

Exposure of Sensitive Information to an Unauthorized Actor
TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows Information Disclosure on the backend.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-4627

reference_id

reference_type

scores

value	0.0031
scoring_system	epss
scoring_elements	0.54162
published_at	2026-04-04T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54132
published_at	2026-04-02T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54137
published_at	2026-04-07T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54221
published_at	2026-04-21T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.5424
published_at	2026-04-18T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54197
published_at	2026-04-13T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54219
published_at	2026-04-12T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54236
published_at	2026-04-16T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54186
published_at	2026-04-09T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54115
published_at	2026-04-01T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54189
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-4627

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://typo3.org/security/advisory/typo3-core-sa-2011-001/#Information_Disclosure

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://typo3.org/security/advisory/typo3-core-sa-2011-001/#Information_Disclosure

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3::::::::
reference_id	cpe:2.3:a:typo3:typo3::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-4627

reference_id

CVE-2011-4627

reference_type

scores

value	4.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:N/A:N

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2011-4627

reference_url

https://security-tracker.debian.org/tracker/CVE-2011-4627

reference_id

CVE-2011-4627

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security-tracker.debian.org/tracker/CVE-2011-4627

reference_url

https://github.com/advisories/GHSA-frf4-5p2c-c3ff

reference_id

GHSA-frf4-5p2c-c3ff

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-frf4-5p2c-c3ff

fixed_packages

url	pkg:composer/typo3/cms@4.4.9
purl	pkg:composer/typo3/cms@4.4.9
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.4.9

url	pkg:composer/typo3/cms@4.5.4
purl	pkg:composer/typo3/cms@4.5.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.5.4

aliases CVE-2011-4627, GHSA-frf4-5p2c-c3ff

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jk5g-64sn-ffgx

url VCID-k6fn-pcqn-byhu

vulnerability_id VCID-k6fn-pcqn-byhu

summary

TYPO3 Directory Traversal vulnerability
Directory traversal vulnerability in the TypoScript setup in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated administrators to read arbitrary files via unspecified vectors related to the "file inclusion functionality."

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-5101

reference_id

reference_type

scores

value	0.00407
scoring_system	epss
scoring_elements	0.60999
published_at	2026-04-01T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.6115
published_at	2026-04-21T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61168
published_at	2026-04-18T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61163
published_at	2026-04-16T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61122
published_at	2026-04-13T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61141
published_at	2026-04-12T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61155
published_at	2026-04-11T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61119
published_at	2026-04-08T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.6107
published_at	2026-04-07T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61104
published_at	2026-04-04T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61076
published_at	2026-04-02T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61134
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-5101

reference_url

https://exchange.xforce.ibmcloud.com/vulnerabilities/64180

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://exchange.xforce.ibmcloud.com/vulnerabilities/64180

reference_url

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2010-5101

reference_url

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2010-5101

reference_url

https://web.archive.org/web/20120123102224/http://www.securityfocus.com/bid/45470

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20120123102224/http://www.securityfocus.com/bid/45470

reference_url

https://web.archive.org/web/20121103085228/http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20121103085228/http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022

reference_url

http://www.openwall.com/lists/oss-security/2011/01/13/2

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2011/01/13/2

reference_url

http://www.openwall.com/lists/oss-security/2012/05/10/7

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2012/05/10/7

reference_url

http://www.openwall.com/lists/oss-security/2012/05/11/3

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2012/05/11/3

reference_url

http://www.openwall.com/lists/oss-security/2012/05/12/5

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2012/05/12/5

reference_url

https://github.com/advisories/GHSA-rmqc-wfjm-3f66

reference_id

GHSA-rmqc-wfjm-3f66

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-rmqc-wfjm-3f66

fixed_packages

url	pkg:composer/typo3/cms@4.4.5
purl	pkg:composer/typo3/cms@4.4.5
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.4.5

aliases CVE-2010-5101, GHSA-rmqc-wfjm-3f66

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k6fn-pcqn-byhu

url VCID-n177-3cym-d7e7

vulnerability_id VCID-n177-3cym-d7e7

summary

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the tcemain flash message.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-4632

reference_id

reference_type

scores

value	0.00195
scoring_system	epss
scoring_elements	0.41471
published_at	2026-04-04T12:55:00Z

value	0.00195
scoring_system	epss
scoring_elements	0.41444
published_at	2026-04-02T12:55:00Z

value	0.00195
scoring_system	epss
scoring_elements	0.41399
published_at	2026-04-07T12:55:00Z

value	0.00195
scoring_system	epss
scoring_elements	0.41371
published_at	2026-04-21T12:55:00Z

value	0.00195
scoring_system	epss
scoring_elements	0.41473
published_at	2026-04-16T12:55:00Z

value	0.00195
scoring_system	epss
scoring_elements	0.4143
published_at	2026-04-13T12:55:00Z

value	0.00195
scoring_system	epss
scoring_elements	0.41445
published_at	2026-04-18T12:55:00Z

value	0.00195
scoring_system	epss
scoring_elements	0.41478
published_at	2026-04-11T12:55:00Z

value	0.00195
scoring_system	epss
scoring_elements	0.41457
published_at	2026-04-09T12:55:00Z

value	0.00195
scoring_system	epss
scoring_elements	0.41352
published_at	2026-04-01T12:55:00Z

value	0.00195
scoring_system	epss
scoring_elements	0.41449
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-4632

reference_url

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://typo3.org/security/advisory/typo3-core-sa-2011-001/#XSS

reference_url

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://typo3.org/security/advisory/typo3-core-sa-2011-001/#XSS

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3::::::::
reference_id	cpe:2.3:a:typo3:typo3::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-4632

reference_id

CVE-2011-4632

reference_type

scores

value	3.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:N/I:P/A:N

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2011-4632

reference_url

https://security-tracker.debian.org/tracker/CVE-2011-4632

reference_id

CVE-2011-4632

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security-tracker.debian.org/tracker/CVE-2011-4632

reference_url

https://github.com/advisories/GHSA-h86g-796f-hhfq

reference_id

GHSA-h86g-796f-hhfq

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-h86g-796f-hhfq

fixed_packages

url	pkg:composer/typo3/cms@4.4.9
purl	pkg:composer/typo3/cms@4.4.9
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.4.9

url	pkg:composer/typo3/cms@4.5.4
purl	pkg:composer/typo3/cms@4.5.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.5.4

aliases CVE-2011-4632, GHSA-h86g-796f-hhfq

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n177-3cym-d7e7

url VCID-nvd8-5j51-2yeg

vulnerability_id VCID-nvd8-5j51-2yeg

summary

Improper Input Validation
TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to delete arbitrary files on the webserver.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-4902

reference_id

reference_type

scores

value	0.00136
scoring_system	epss
scoring_elements	0.3333
published_at	2026-04-21T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33461
published_at	2026-04-02T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33493
published_at	2026-04-04T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33334
published_at	2026-04-07T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.3338
published_at	2026-04-08T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33413
published_at	2026-04-09T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33417
published_at	2026-04-11T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33376
published_at	2026-04-12T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33354
published_at	2026-04-13T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33388
published_at	2026-04-16T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33363
published_at	2026-04-18T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33324
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-4902

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://typo3.org/security/advisory/typo3-core-sa-2011-001/#Unserialize

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://typo3.org/security/advisory/typo3-core-sa-2011-001/#Unserialize

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3::::::::
reference_id	cpe:2.3:a:typo3:typo3::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-4902

reference_id

CVE-2011-4902

reference_type

scores

value	5.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:N/I:P/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2011-4902

reference_url

https://security-tracker.debian.org/tracker/CVE-2011-4902

reference_id

CVE-2011-4902

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security-tracker.debian.org/tracker/CVE-2011-4902

reference_url

https://github.com/advisories/GHSA-9vxq-mxw5-mcgp

reference_id

GHSA-9vxq-mxw5-mcgp

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-9vxq-mxw5-mcgp

fixed_packages

url	pkg:composer/typo3/cms@4.4.9
purl	pkg:composer/typo3/cms@4.4.9
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.4.9

url	pkg:composer/typo3/cms@4.5.4
purl	pkg:composer/typo3/cms@4.5.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.5.4

aliases CVE-2011-4902, GHSA-9vxq-mxw5-mcgp

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nvd8-5j51-2yeg

url VCID-tu8v-rv87-wfa3

vulnerability_id VCID-tu8v-rv87-wfa3

summary

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the RemoveXSS function.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-4903

reference_id

reference_type

scores

value	0.00332
scoring_system	epss
scoring_elements	0.561
published_at	2026-04-04T12:55:00Z

value	0.00332
scoring_system	epss
scoring_elements	0.56079
published_at	2026-04-07T12:55:00Z

value	0.00332
scoring_system	epss
scoring_elements	0.5613
published_at	2026-04-08T12:55:00Z

value	0.00332
scoring_system	epss
scoring_elements	0.56114
published_at	2026-04-21T12:55:00Z

value	0.00332
scoring_system	epss
scoring_elements	0.56144
published_at	2026-04-18T12:55:00Z

value	0.00332
scoring_system	epss
scoring_elements	0.56141
published_at	2026-04-16T12:55:00Z

value	0.00332
scoring_system	epss
scoring_elements	0.56107
published_at	2026-04-13T12:55:00Z

value	0.00332
scoring_system	epss
scoring_elements	0.56124
published_at	2026-04-12T12:55:00Z

value	0.00332
scoring_system	epss
scoring_elements	0.56147
published_at	2026-04-11T12:55:00Z

value	0.00332
scoring_system	epss
scoring_elements	0.55968
published_at	2026-04-01T12:55:00Z

value	0.00332
scoring_system	epss
scoring_elements	0.56136
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-4903

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://typo3.org/security/advisory/typo3-core-sa-2011-001/#XSS

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://typo3.org/security/advisory/typo3-core-sa-2011-001/#XSS

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3::::::::
reference_id	cpe:2.3:a:typo3:typo3::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-4903

reference_id

CVE-2011-4903

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2011-4903

reference_url

https://security-tracker.debian.org/tracker/CVE-2011-4903

reference_id

CVE-2011-4903

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security-tracker.debian.org/tracker/CVE-2011-4903

reference_url

https://github.com/advisories/GHSA-q22w-r5qq-v3wf

reference_id

GHSA-q22w-r5qq-v3wf

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-q22w-r5qq-v3wf

fixed_packages

url	pkg:composer/typo3/cms@4.4.9
purl	pkg:composer/typo3/cms@4.4.9
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.4.9

url	pkg:composer/typo3/cms@4.5.4
purl	pkg:composer/typo3/cms@4.5.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.5.4

aliases CVE-2011-4903, GHSA-q22w-r5qq-v3wf

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tu8v-rv87-wfa3

url VCID-ybdc-993m-aqfu

vulnerability_id VCID-ybdc-993m-aqfu

summary

Exposure of Sensitive Information to an Unauthorized Actor
TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to extract arbitrary information from the TYPO3 database.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-4901

reference_id

reference_type

scores

value	0.00236
scoring_system	epss
scoring_elements	0.4658
published_at	2026-04-04T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46561
published_at	2026-04-02T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46528
published_at	2026-04-07T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46588
published_at	2026-04-21T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46641
published_at	2026-04-18T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46643
published_at	2026-04-16T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46587
published_at	2026-04-13T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46578
published_at	2026-04-12T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46606
published_at	2026-04-11T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46522
published_at	2026-04-01T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46583
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-4901

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://typo3.org/security/advisory/typo3-core-sa-2011-001/#Information_Disclosure

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://typo3.org/security/advisory/typo3-core-sa-2011-001/#Information_Disclosure

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3::::::::
reference_id	cpe:2.3:a:typo3:typo3::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-4901

reference_id

CVE-2011-4901

reference_type

scores

value	4.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:N/A:N

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2011-4901

reference_url

https://security-tracker.debian.org/tracker/CVE-2011-4901

reference_id

CVE-2011-4901

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security-tracker.debian.org/tracker/CVE-2011-4901

reference_url

https://github.com/advisories/GHSA-8grp-3j5v-543g

reference_id

GHSA-8grp-3j5v-543g

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-8grp-3j5v-543g

fixed_packages

url	pkg:composer/typo3/cms@4.4.9
purl	pkg:composer/typo3/cms@4.4.9
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.4.9

url	pkg:composer/typo3/cms@4.5.4
purl	pkg:composer/typo3/cms@4.5.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.5.4

aliases CVE-2011-4901, GHSA-8grp-3j5v-543g

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ybdc-993m-aqfu

url

VCID-yk4b-baue-rkbt

vulnerability_id

VCID-yk4b-baue-rkbt

summary

TYPO3 allows remote attackers to obtain the database name via a direct request
The Command Line Interface (CLI) script in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allows remote attackers to obtain the database name via a direct request.

references

reference_url	http://osvdb.org/80761
reference_id
reference_type
scores
url	http://osvdb.org/80761

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-1607

reference_id

reference_type

scores

value	0.00701
scoring_system	epss
scoring_elements	0.72064
published_at	2026-04-21T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.71987
published_at	2026-04-07T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72026
published_at	2026-04-08T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72038
published_at	2026-04-09T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72062
published_at	2026-04-11T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72046
published_at	2026-04-12T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72031
published_at	2026-04-13T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72072
published_at	2026-04-16T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.7208
published_at	2026-04-18T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.71984
published_at	2026-04-01T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.71992
published_at	2026-04-02T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72012
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-1607

reference_url	http://secunia.com/advisories/48622
reference_id
reference_type
scores
url	http://secunia.com/advisories/48622

reference_url	http://secunia.com/advisories/48647
reference_id
reference_type
scores
url	http://secunia.com/advisories/48647

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2012-1607

reference_url

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2012-1607

reference_url

https://web.archive.org/web/20120426034517/http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20120426034517/http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001

reference_url

https://web.archive.org/web/20120527123559/http://www.securityfocus.com/bid/52771

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20120527123559/http://www.securityfocus.com/bid/52771

reference_url	http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/
reference_id
reference_type
scores
url	http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url