Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/typo3/cms@4.0.0
Typecomposer
Namespacetypo3
Namecms
Version4.0.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version10.4.35
Latest_non_vulnerable_version12.2.0
Affected_by_vulnerabilities
0
url VCID-69fr-ztbp-z7gg
vulnerability_id VCID-69fr-ztbp-z7gg
summary 
Improper Input Validation
The Indexed Search Engine (indexed_search) system extension in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to execute arbitrary commands via a crafted filename containing shell metacharacters, which is not properly handled by the command-line indexer.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-0258
reference_id
reference_type
scores
0
value 0.03387
scoring_system epss
scoring_elements 0.87409
published_at 2026-04-21T12:55:00Z
1
value 0.03387
scoring_system epss
scoring_elements 0.87369
published_at 2026-04-07T12:55:00Z
2
value 0.03387
scoring_system epss
scoring_elements 0.87387
published_at 2026-04-08T12:55:00Z
3
value 0.03387
scoring_system epss
scoring_elements 0.87394
published_at 2026-04-09T12:55:00Z
4
value 0.03387
scoring_system epss
scoring_elements 0.87407
published_at 2026-04-11T12:55:00Z
5
value 0.03387
scoring_system epss
scoring_elements 0.87401
published_at 2026-04-12T12:55:00Z
6
value 0.03387
scoring_system epss
scoring_elements 0.87397
published_at 2026-04-13T12:55:00Z
7
value 0.03387
scoring_system epss
scoring_elements 0.87412
published_at 2026-04-16T12:55:00Z
8
value 0.03387
scoring_system epss
scoring_elements 0.87415
published_at 2026-04-18T12:55:00Z
9
value 0.03387
scoring_system epss
scoring_elements 0.87344
published_at 2026-04-01T12:55:00Z
10
value 0.03387
scoring_system epss
scoring_elements 0.87354
published_at 2026-04-02T12:55:00Z
11
value 0.03387
scoring_system epss
scoring_elements 0.8737
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-0258
1
reference_url http://secunia.com/advisories/33617
reference_id
reference_type
scores
url http://secunia.com/advisories/33617
2
reference_url http://secunia.com/advisories/33679
reference_id
reference_type
scores
url http://secunia.com/advisories/33679
3
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/48138
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/48138
4
reference_url https://web.archive.org/web/20111210005350/http://www.securityfocus.com/bid/33376
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20111210005350/http://www.securityfocus.com/bid/33376
5
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001
6
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001/
reference_id
reference_type
scores
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001/
7
reference_url http://www.debian.org/security/2009/dsa-1711
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2009/dsa-1711
8
reference_url http://www.openwall.com/lists/oss-security/2009/01/23/4
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2009/01/23/4
9
reference_url http://www.securityfocus.com/bid/33376
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/33376
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.8:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.9:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:beta1:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:rc1:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/detail/CVE-2009-0258
reference_id CVE-2009-0258
reference_type
scores
0
value 10.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:C/I:C/A:C
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2009-0258
35
reference_url https://github.com/advisories/GHSA-74w6-ww7w-45j9
reference_id GHSA-74w6-ww7w-45j9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-74w6-ww7w-45j9
fixed_packages
0
url pkg:composer/typo3/cms@4.0.10
purl pkg:composer/typo3/cms@4.0.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.0.10
1
url pkg:composer/typo3/cms@4.1.8
purl pkg:composer/typo3/cms@4.1.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.1.8
2
url pkg:composer/typo3/cms@4.2.4
purl pkg:composer/typo3/cms@4.2.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.2.4
aliases CVE-2009-0258, GHSA-74w6-ww7w-45j9
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-69fr-ztbp-z7gg
1
url VCID-acey-xzmu-7yg9
vulnerability_id VCID-acey-xzmu-7yg9
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the backend user interface in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 allow remote attackers to inject arbitrary web script or HTML via unspecified fields.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-0816
reference_id
reference_type
scores
0
value 0.00285
scoring_system epss
scoring_elements 0.52009
published_at 2026-04-21T12:55:00Z
1
value 0.00285
scoring_system epss
scoring_elements 0.51964
published_at 2026-04-08T12:55:00Z
2
value 0.00285
scoring_system epss
scoring_elements 0.51963
published_at 2026-04-09T12:55:00Z
3
value 0.00285
scoring_system epss
scoring_elements 0.52015
published_at 2026-04-11T12:55:00Z
4
value 0.00285
scoring_system epss
scoring_elements 0.51997
published_at 2026-04-12T12:55:00Z
5
value 0.00285
scoring_system epss
scoring_elements 0.51981
published_at 2026-04-13T12:55:00Z
6
value 0.00285
scoring_system epss
scoring_elements 0.52023
published_at 2026-04-16T12:55:00Z
7
value 0.00285
scoring_system epss
scoring_elements 0.52029
published_at 2026-04-18T12:55:00Z
8
value 0.00285
scoring_system epss
scoring_elements 0.51871
published_at 2026-04-01T12:55:00Z
9
value 0.00285
scoring_system epss
scoring_elements 0.51919
published_at 2026-04-02T12:55:00Z
10
value 0.00285
scoring_system epss
scoring_elements 0.51946
published_at 2026-04-04T12:55:00Z
11
value 0.00285
scoring_system epss
scoring_elements 0.5191
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-0816
1
reference_url https://web.archive.org/web/20210507104956/http://www.securitytracker.com/id?1021709
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210507104956/http://www.securitytracker.com/id?1021709
2
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002
3
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/
reference_id
reference_type
scores
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/
4
reference_url http://www.debian.org/security/2009/dsa-1720
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2009/dsa-1720
5
reference_url http://www.openwall.com/lists/oss-security/2009/02/10/6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2009/02/10/6
6
reference_url http://www.securitytracker.com/id?1021709
reference_id
reference_type
scores
url http://www.securitytracker.com/id?1021709
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.10:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.11:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.8:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.9:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.8:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.9:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.4:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.5:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/detail/CVE-2009-0816
reference_id CVE-2009-0816
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2009-0816
36
reference_url https://github.com/advisories/GHSA-jg55-3q6h-2ccf
reference_id GHSA-jg55-3q6h-2ccf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jg55-3q6h-2ccf
fixed_packages
0
url pkg:composer/typo3/cms@4.0.12
purl pkg:composer/typo3/cms@4.0.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.0.12
1
url pkg:composer/typo3/cms@4.1.10
purl pkg:composer/typo3/cms@4.1.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.1.10
2
url pkg:composer/typo3/cms@4.2.6
purl pkg:composer/typo3/cms@4.2.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.2.6
aliases CVE-2009-0816, GHSA-jg55-3q6h-2ccf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-acey-xzmu-7yg9
2
url VCID-b5ht-z6zp-pbht
vulnerability_id VCID-b5ht-z6zp-pbht
summary 
Cross-Site Scripting Vulnerability
It has been discovered, that it is possible to forge a link to a backend module, which contains a JavaScript payload. This JavaScript is executed, if an authenticated editor with access to the module follows the link that, is tricked to click on a certain HTML target. Because TYPO3 include a secret token unknown to an attacker in every URL, an exploit would not be feasible for these versions.
references
0
reference_url http://packetstormsecurity.com/files/133551/Typo3-CMS-6.2.14-4.5.40-Cross-Site-Scripting.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/133551/Typo3-CMS-6.2.14-4.5.40-Cross-Site-Scripting.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5956
reference_id
reference_type
scores
0
value 0.00169
scoring_system epss
scoring_elements 0.38086
published_at 2026-04-21T12:55:00Z
1
value 0.00169
scoring_system epss
scoring_elements 0.38157
published_at 2026-04-08T12:55:00Z
2
value 0.00169
scoring_system epss
scoring_elements 0.38165
published_at 2026-04-09T12:55:00Z
3
value 0.00169
scoring_system epss
scoring_elements 0.38184
published_at 2026-04-11T12:55:00Z
4
value 0.00169
scoring_system epss
scoring_elements 0.38149
published_at 2026-04-12T12:55:00Z
5
value 0.00169
scoring_system epss
scoring_elements 0.38124
published_at 2026-04-13T12:55:00Z
6
value 0.00169
scoring_system epss
scoring_elements 0.3817
published_at 2026-04-16T12:55:00Z
7
value 0.00169
scoring_system epss
scoring_elements 0.38151
published_at 2026-04-18T12:55:00Z
8
value 0.00169
scoring_system epss
scoring_elements 0.38035
published_at 2026-04-01T12:55:00Z
9
value 0.00169
scoring_system epss
scoring_elements 0.38215
published_at 2026-04-02T12:55:00Z
10
value 0.00169
scoring_system epss
scoring_elements 0.38238
published_at 2026-04-04T12:55:00Z
11
value 0.00169
scoring_system epss
scoring_elements 0.38107
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5956
2
reference_url http://seclists.org/fulldisclosure/2015/Sep/57
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2015/Sep/57
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2015-5956.yaml
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2015-5956.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5956
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5956
5
reference_url https://review.typo3.org/#/c/43122/
reference_id
reference_type
scores
url https://review.typo3.org/#/c/43122/
6
reference_url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009
7
reference_url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009/
reference_id
reference_type
scores
url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009/
8
reference_url http://www.securityfocus.com/archive/1/536464/100/0/threaded
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/536464/100/0/threaded
9
reference_url http://www.securitytracker.com/id/1033551
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1033551
10
reference_url https://github.com/advisories/GHSA-989h-wv8x-933p
reference_id GHSA-989h-wv8x-933p
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-989h-wv8x-933p
fixed_packages
0
url pkg:composer/typo3/cms@6.2.15
purl pkg:composer/typo3/cms@6.2.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1bnd-6xsq-nbec
1
vulnerability VCID-1jcy-nx8g-z3d3
2
vulnerability VCID-1ng4-5tkh-g7h5
3
vulnerability VCID-1qjx-grvf-y7bk
4
vulnerability VCID-25t3-1sm6-3kdn
5
vulnerability VCID-3m2z-stmy-u7hm
6
vulnerability VCID-3m53-kkk2-j7c2
7
vulnerability VCID-435j-f3yx-9yep
8
vulnerability VCID-48jz-wwt8-33hx
9
vulnerability VCID-5jgb-dsyx-hyb4
10
vulnerability VCID-5ppt-avmb-cqb2
11
vulnerability VCID-6pvx-1qan-ukef
12
vulnerability VCID-6wsa-4ywc-8fh4
13
vulnerability VCID-7d1g-j3k5-gub8
14
vulnerability VCID-8jp8-a363-67be
15
vulnerability VCID-b715-6z6c-qqar
16
vulnerability VCID-bck9-34jp-6ydx
17
vulnerability VCID-buax-rz7x-r7c2
18
vulnerability VCID-c6zq-cfg5-u7d9
19
vulnerability VCID-cczn-x8q7-k7ba
20
vulnerability VCID-cjgc-q6p5-2ydc
21
vulnerability VCID-dp6j-gnk4-rkd5
22
vulnerability VCID-dsu7-jjjq-f3e1
23
vulnerability VCID-f4pm-9tq5-q3ch
24
vulnerability VCID-f963-qur3-2qb7
25
vulnerability VCID-fber-yp9q-f7dr
26
vulnerability VCID-fqbx-7xyq-fkav
27
vulnerability VCID-g4ak-ertr-rya6
28
vulnerability VCID-gcnj-6qb6-pbgz
29
vulnerability VCID-gezz-pvpj-p3c6
30
vulnerability VCID-gnna-yjv5-cya2
31
vulnerability VCID-gspd-apwy-efgu
32
vulnerability VCID-h2dd-7b1r-k7bs
33
vulnerability VCID-h958-d3pm-kfcs
34
vulnerability VCID-heyy-me7v-jyf5
35
vulnerability VCID-hkk9-f78q-xqd2
36
vulnerability VCID-hv3n-j8ck-1ufx
37
vulnerability VCID-jmu3-5k7e-x7ch
38
vulnerability VCID-jqx9-41zx-dbcy
39
vulnerability VCID-kqbk-4q4z-nkec
40
vulnerability VCID-kuq7-h4ex-tkgc
41
vulnerability VCID-m3nf-1qbv-d3dj
42
vulnerability VCID-m43j-8zeh-47gz
43
vulnerability VCID-mc8q-fhyf-ekfj
44
vulnerability VCID-mhud-kq57-nka3
45
vulnerability VCID-mqk6-z77g-bfdv
46
vulnerability VCID-n61z-6v8a-hygf
47
vulnerability VCID-nnh9-udcj-m7fv
48
vulnerability VCID-npn5-rand-q3dg
49
vulnerability VCID-nwxj-3ajk-rkh5
50
vulnerability VCID-p1u9-66hm-47er
51
vulnerability VCID-p545-vwe6-9kfr
52
vulnerability VCID-pgzu-kxuj-j3fh
53
vulnerability VCID-prbd-r82t-87dm
54
vulnerability VCID-q6dx-uskc-y3hs
55
vulnerability VCID-q9ak-qcq6-qfhy
56
vulnerability VCID-qemc-8kj8-r3cd
57
vulnerability VCID-re8y-zb3u-57h2
58
vulnerability VCID-re9h-ze98-rbhu
59
vulnerability VCID-rg5d-d8nc-9qfu
60
vulnerability VCID-rkms-w15c-4yb1
61
vulnerability VCID-s49m-kyu7-vbee
62
vulnerability VCID-s8h9-rdvk-9yfp
63
vulnerability VCID-sszj-qy2p-ebbd
64
vulnerability VCID-u347-jazz-zke4
65
vulnerability VCID-u7nx-p1g7-cqhw
66
vulnerability VCID-uckg-j48d-efad
67
vulnerability VCID-uj89-13ub-43fz
68
vulnerability VCID-utpu-q2dv-m3hm
69
vulnerability VCID-w5pn-eb7y-1kdp
70
vulnerability VCID-wq32-kgff-gke8
71
vulnerability VCID-ww44-zmx7-47ft
72
vulnerability VCID-xa4m-xpa9-v7h8
73
vulnerability VCID-xwtv-48ph-6fb6
74
vulnerability VCID-z41h-5mem-gfc7
75
vulnerability VCID-z5qq-nwn5-tqgm
76
vulnerability VCID-zdq2-dhb2-6kaq
77
vulnerability VCID-zeku-t9fv-kych
78
vulnerability VCID-zp3u-ukzs-ukf6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.15
1
url pkg:composer/typo3/cms@7.4.0
purl pkg:composer/typo3/cms@7.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ng4-5tkh-g7h5
1
vulnerability VCID-28bf-jvah-zkhw
2
vulnerability VCID-5jgb-dsyx-hyb4
3
vulnerability VCID-5paq-5frf-43ed
4
vulnerability VCID-6b5q-vzs3-pkcc
5
vulnerability VCID-6pvx-1qan-ukef
6
vulnerability VCID-bajy-qbwq-fufn
7
vulnerability VCID-bnne-7p2q-eqd2
8
vulnerability VCID-buax-rz7x-r7c2
9
vulnerability VCID-bxjw-7426-gyb8
10
vulnerability VCID-cczn-x8q7-k7ba
11
vulnerability VCID-cjgc-q6p5-2ydc
12
vulnerability VCID-dbrh-t8zx-nkd9
13
vulnerability VCID-dm97-51uu-r7gw
14
vulnerability VCID-dsu7-jjjq-f3e1
15
vulnerability VCID-ehzg-bzrd-kbcc
16
vulnerability VCID-f4pm-9tq5-q3ch
17
vulnerability VCID-gcnj-6qb6-pbgz
18
vulnerability VCID-h958-d3pm-kfcs
19
vulnerability VCID-jmu3-5k7e-x7ch
20
vulnerability VCID-jqx9-41zx-dbcy
21
vulnerability VCID-kqbk-4q4z-nkec
22
vulnerability VCID-mnz3-rj21-67ad
23
vulnerability VCID-n15v-ta9h-6ffb
24
vulnerability VCID-n78p-x7hh-gqcf
25
vulnerability VCID-nwxj-3ajk-rkh5
26
vulnerability VCID-pgzu-kxuj-j3fh
27
vulnerability VCID-pk8d-8u15-5bfq
28
vulnerability VCID-q6dx-uskc-y3hs
29
vulnerability VCID-qemc-8kj8-r3cd
30
vulnerability VCID-rdrs-mhaw-b3ge
31
vulnerability VCID-sr3p-pdxy-4yhu
32
vulnerability VCID-t3jn-vwbx-u7cr
33
vulnerability VCID-tmrt-6fxw-5ugh
34
vulnerability VCID-tw1y-t4qj-j3d1
35
vulnerability VCID-vndb-w8e1-4ugv
36
vulnerability VCID-wr5t-xqnn-gkcj
37
vulnerability VCID-ww44-zmx7-47ft
38
vulnerability VCID-wxps-mnue-6bbh
39
vulnerability VCID-xa4m-xpa9-v7h8
40
vulnerability VCID-xqew-bx7v-1qfk
41
vulnerability VCID-y32z-2d3f-gkgw
42
vulnerability VCID-zdq2-dhb2-6kaq
43
vulnerability VCID-zspb-bd6j-wyd2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.4.0
aliases CVE-2015-5956, GHSA-989h-wv8x-933p
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b5ht-z6zp-pbht
3
url VCID-zkmd-h3ch-ebbg
vulnerability_id VCID-zkmd-h3ch-ebbg
summary 
Improper Authentication
Session fixation vulnerability in the authentication library in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to hijack web sessions via unspecified vectors related to (1) frontend and (2) backend authentication.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-0256
reference_id
reference_type
scores
0
value 0.00911
scoring_system epss
scoring_elements 0.75846
published_at 2026-04-21T12:55:00Z
1
value 0.00911
scoring_system epss
scoring_elements 0.75777
published_at 2026-04-07T12:55:00Z
2
value 0.00911
scoring_system epss
scoring_elements 0.75809
published_at 2026-04-08T12:55:00Z
3
value 0.00911
scoring_system epss
scoring_elements 0.75821
published_at 2026-04-09T12:55:00Z
4
value 0.00911
scoring_system epss
scoring_elements 0.75845
published_at 2026-04-11T12:55:00Z
5
value 0.00911
scoring_system epss
scoring_elements 0.75826
published_at 2026-04-12T12:55:00Z
6
value 0.00911
scoring_system epss
scoring_elements 0.7582
published_at 2026-04-13T12:55:00Z
7
value 0.00911
scoring_system epss
scoring_elements 0.75857
published_at 2026-04-16T12:55:00Z
8
value 0.00911
scoring_system epss
scoring_elements 0.75861
published_at 2026-04-18T12:55:00Z
9
value 0.00911
scoring_system epss
scoring_elements 0.75762
published_at 2026-04-01T12:55:00Z
10
value 0.00911
scoring_system epss
scoring_elements 0.75765
published_at 2026-04-02T12:55:00Z
11
value 0.00911
scoring_system epss
scoring_elements 0.75798
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-0256
1
reference_url http://secunia.com/advisories/33617
reference_id
reference_type
scores
url http://secunia.com/advisories/33617
2
reference_url http://secunia.com/advisories/33679
reference_id
reference_type
scores
url http://secunia.com/advisories/33679
3
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/48133
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/48133
4
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
5
reference_url https://web.archive.org/web/20111210005350/http://www.securityfocus.com/bid/33376
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20111210005350/http://www.securityfocus.com/bid/33376
6
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001
7
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001/
reference_id
reference_type
scores
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001/
8
reference_url http://www.debian.org/security/2009/dsa-1711
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2009/dsa-1711
9
reference_url http://www.securityfocus.com/bid/33376
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/33376
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.8:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.9:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:beta1:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:rc1:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/detail/CVE-2009-0256
reference_id CVE-2009-0256
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2009-0256
35
reference_url https://github.com/advisories/GHSA-q45q-5233-229p
reference_id GHSA-q45q-5233-229p
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q45q-5233-229p
fixed_packages
0
url pkg:composer/typo3/cms@4.0.10
purl pkg:composer/typo3/cms@4.0.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.0.10
1
url pkg:composer/typo3/cms@4.1.8
purl pkg:composer/typo3/cms@4.1.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.1.8
2
url pkg:composer/typo3/cms@4.2.4
purl pkg:composer/typo3/cms@4.2.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.2.4
aliases CVE-2009-0256, GHSA-q45q-5233-229p
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zkmd-h3ch-ebbg
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.0.0