Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/52367?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/52367?format=api", "purl": "pkg:composer/typo3/cms@7.4.0", "type": "composer", "namespace": "typo3", "name": "cms", "version": "7.4.0", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "9.5.25", "latest_non_vulnerable_version": "12.2.0", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40509?format=api", "vulnerability_id": "VCID-3ugj-6m1e-e3hr", "summary": "Cross-site Scripting\nCross-Site Scripting in Online Media Asset Rendering.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-006/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-006/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57123?format=api", "purl": "pkg:composer/typo3/cms@7.6.32", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.32" }, { "url": "http://public2.vulnerablecode.io/api/packages/57073?format=api", "purl": "pkg:composer/typo3/cms@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bn3p-39sv-6fdg" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-qv14-m93d-jyd9" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/57074?format=api", "purl": "pkg:composer/typo3/cms@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-3ye6-vqje-abh4" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-4jck-w9ct-budk" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-7xv1-78u7-xufp" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-9adx-p876-kyb5" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cvk2-93hm-gkhx" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-qv14-m93d-jyd9" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2" } ], "aliases": [ "GMS-2018-97" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ugj-6m1e-e3hr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38212?format=api", "vulnerability_id": "VCID-5hm4-ms5p-uuae", "summary": "Failing to properly encode user input, the page module is vulnerable to Cross-Site Scripting. A valid backend user account with permissions to edit plugins is needed to exploit this vulnerability.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-021" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52821?format=api", "purl": "pkg:composer/typo3/cms@7.6.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-5dxs-cdht-27hw" }, { "vulnerability": "VCID-66ru-n2df-b3ay" }, { "vulnerability": "VCID-727q-h3ey-6yc9" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-9saf-w56y-pugz" }, { "vulnerability": "VCID-abjx-8v46-d7d8" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-e564-zdku-9fc6" }, { "vulnerability": "VCID-eutz-mj58-audb" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fdnw-2tz5-4fdr" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-h217-xe8x-nua3" }, { "vulnerability": "VCID-h7cg-64er-uya9" }, { "vulnerability": "VCID-h7hf-sf2q-73ay" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-jqe4-8hzb-mfea" }, { "vulnerability": "VCID-mctp-nf36-7qdn" }, { "vulnerability": "VCID-njsj-bwjq-fyap" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-sy7r-d6pv-yba9" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-vq15-t92r-5bhx" }, { "vulnerability": "VCID-xh68-defe-f7ce" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-ygw4-jdqu-4fbt" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/52638?format=api", "purl": "pkg:composer/typo3/cms@8.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11u3-8xzy-jfhh" }, { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-28fn-ncj5-2ufk" }, { "vulnerability": "VCID-2r7u-mc45-8yhe" }, { "vulnerability": "VCID-2rhr-8vaz-hqfj" }, { "vulnerability": "VCID-2vpx-fqb6-aqfa" }, { "vulnerability": "VCID-39jx-muqb-nkfq" }, { "vulnerability": "VCID-39vn-73mc-jqav" }, { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-4wnp-gusy-43b8" }, { "vulnerability": "VCID-5dxs-cdht-27hw" }, { "vulnerability": "VCID-5u2f-5zzf-j3e4" }, { "vulnerability": "VCID-66kh-c1dm-8fbf" }, { "vulnerability": "VCID-66ru-n2df-b3ay" }, { "vulnerability": "VCID-6su8-bbrw-hbhp" }, { "vulnerability": "VCID-727q-h3ey-6yc9" }, { "vulnerability": "VCID-7ch1-q9f4-a7bt" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8p64-6zpt-t3av" }, { "vulnerability": "VCID-94r9-hh4g-jkej" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-9726-hafj-wkay" }, { "vulnerability": "VCID-9saf-w56y-pugz" }, { "vulnerability": "VCID-9yu1-z7c2-t3fj" }, { "vulnerability": "VCID-abjx-8v46-d7d8" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bn3p-39sv-6fdg" }, { "vulnerability": "VCID-bq2j-t19h-zyad" }, { "vulnerability": "VCID-bstt-ybrs-5ua3" }, { "vulnerability": "VCID-buj5-2t53-3kcr" }, { "vulnerability": "VCID-d6c2-upx1-e7cd" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-e564-zdku-9fc6" }, { "vulnerability": "VCID-emqq-kwjg-3kfk" }, { "vulnerability": "VCID-eutz-mj58-audb" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-f319-jpf5-hyex" }, { "vulnerability": "VCID-fdnw-2tz5-4fdr" }, { "vulnerability": "VCID-fgqa-5fx9-nkaz" }, { "vulnerability": "VCID-fh61-7rfy-s3hg" }, { "vulnerability": "VCID-fqkc-utex-3kav" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-g7mm-vjbw-bbhd" }, { "vulnerability": "VCID-gk79-jtuz-myh6" }, { "vulnerability": "VCID-gpv4-4tpd-tbaa" }, { "vulnerability": "VCID-h217-xe8x-nua3" }, { "vulnerability": "VCID-h7cg-64er-uya9" }, { "vulnerability": "VCID-h7hf-sf2q-73ay" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-hyx9-8ae6-sba8" }, { "vulnerability": "VCID-hzma-cduk-3uhp" }, { "vulnerability": "VCID-j8hk-bqnb-gycp" }, { "vulnerability": "VCID-j8sh-5evd-dkaz" }, { "vulnerability": "VCID-jeqr-9tfu-f7b2" }, { "vulnerability": "VCID-jf28-91be-6kbr" }, { "vulnerability": "VCID-jmea-qzsr-wkf4" }, { "vulnerability": "VCID-jn38-wfec-7bb2" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-jqe4-8hzb-mfea" }, { "vulnerability": "VCID-jwb1-3sbg-kfa5" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-ks1q-a8x2-uqht" }, { "vulnerability": "VCID-m3nc-xbb4-yubr" }, { "vulnerability": "VCID-mctp-nf36-7qdn" }, { "vulnerability": "VCID-nhjv-nke2-2kf8" }, { "vulnerability": "VCID-njsj-bwjq-fyap" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-nvbp-pbjw-3qgx" }, { "vulnerability": "VCID-p576-w7dd-p3h7" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-q2ym-y2rz-1bdn" }, { "vulnerability": "VCID-q52p-xfj8-gygd" }, { "vulnerability": "VCID-q7vt-19eb-sqeq" }, { "vulnerability": "VCID-qcnh-z4zh-myaw" }, { "vulnerability": "VCID-qdxh-arxx-wbcr" }, { "vulnerability": "VCID-qxab-9uwr-yqhv" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdjb-gp4t-vbgt" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-sdz8-hju8-4bcb" }, { "vulnerability": "VCID-sy7r-d6pv-yba9" }, { "vulnerability": "VCID-teby-zvvw-zkhv" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-u4tq-8qnk-5fd7" }, { "vulnerability": "VCID-u5he-6tqb-gqaf" }, { "vulnerability": "VCID-u6as-cwxc-pkhk" }, { "vulnerability": "VCID-uq77-aax5-k7d8" }, { "vulnerability": "VCID-vq15-t92r-5bhx" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-w483-prq4-rycx" }, { "vulnerability": "VCID-w58p-3wg1-7ycr" }, { "vulnerability": "VCID-wat8-4m83-hken" }, { "vulnerability": "VCID-wy45-2gmr-fkfg" }, { "vulnerability": "VCID-x175-xjek-97ds" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xh68-defe-f7ce" }, { "vulnerability": "VCID-xpxg-qq49-b7fd" }, { "vulnerability": "VCID-xvyu-2hb8-8ufh" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-ygw4-jdqu-4fbt" }, { "vulnerability": "VCID-yh6b-tc4u-v3bk" }, { "vulnerability": "VCID-yn6z-9v7k-x7br" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" }, { "vulnerability": "VCID-zgfw-pk39-gyg8" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" }, { "vulnerability": "VCID-zrz3-3dnf-tbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/52883?format=api", "purl": "pkg:composer/typo3/cms@8.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-5dxs-cdht-27hw" }, { "vulnerability": "VCID-66ru-n2df-b3ay" }, { "vulnerability": "VCID-727q-h3ey-6yc9" }, { "vulnerability": "VCID-7ch1-q9f4-a7bt" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-9saf-w56y-pugz" }, { "vulnerability": "VCID-abjx-8v46-d7d8" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bn3p-39sv-6fdg" }, { "vulnerability": "VCID-d6c2-upx1-e7cd" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-e564-zdku-9fc6" }, { "vulnerability": "VCID-emqq-kwjg-3kfk" }, { "vulnerability": "VCID-eutz-mj58-audb" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fdnw-2tz5-4fdr" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-h217-xe8x-nua3" }, { "vulnerability": "VCID-h7cg-64er-uya9" }, { "vulnerability": "VCID-h7hf-sf2q-73ay" }, { "vulnerability": "VCID-hg2n-xera-jkdh" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-jqe4-8hzb-mfea" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-mctp-nf36-7qdn" }, { "vulnerability": "VCID-njsj-bwjq-fyap" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-q52p-xfj8-gygd" }, { "vulnerability": "VCID-qv14-m93d-jyd9" }, { "vulnerability": "VCID-qxab-9uwr-yqhv" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-sy7r-d6pv-yba9" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-vq15-t92r-5bhx" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-wy45-2gmr-fkfg" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xh68-defe-f7ce" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-ygw4-jdqu-4fbt" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.3.1" } ], "aliases": [ "TYPO3-CORE-SA-2016-021" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5hm4-ms5p-uuae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38211?format=api", "vulnerability_id": "VCID-8jcy-3kje-fqeh", "summary": "Cache Flooding in Frontend\nLinks with a valid cHash argument lead to newly generated page cache entries. Because the cHash is not bound to a specific page, attackers could use valid cHash arguments for multiple pages, leading to additional useless page cache entries. Depending on the number of pages in the system and the number of available valid links with a cHash, attackers could add a considerable amount of additional cache entries, which in the end exceed storage limits and thus could lead to the system not responding any more. This means the Cache Flooding attack potentially could lead to a successful Denial of Service (DoS) attack.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-022" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52821?format=api", "purl": "pkg:composer/typo3/cms@7.6.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-5dxs-cdht-27hw" }, { "vulnerability": "VCID-66ru-n2df-b3ay" }, { "vulnerability": "VCID-727q-h3ey-6yc9" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-9saf-w56y-pugz" }, { "vulnerability": "VCID-abjx-8v46-d7d8" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-e564-zdku-9fc6" }, { "vulnerability": "VCID-eutz-mj58-audb" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fdnw-2tz5-4fdr" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-h217-xe8x-nua3" }, { "vulnerability": "VCID-h7cg-64er-uya9" }, { "vulnerability": "VCID-h7hf-sf2q-73ay" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-jqe4-8hzb-mfea" }, { "vulnerability": "VCID-mctp-nf36-7qdn" }, { "vulnerability": "VCID-njsj-bwjq-fyap" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-sy7r-d6pv-yba9" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-vq15-t92r-5bhx" }, { "vulnerability": "VCID-xh68-defe-f7ce" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-ygw4-jdqu-4fbt" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/52638?format=api", "purl": "pkg:composer/typo3/cms@8.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11u3-8xzy-jfhh" }, { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-28fn-ncj5-2ufk" }, { "vulnerability": "VCID-2r7u-mc45-8yhe" }, { "vulnerability": "VCID-2rhr-8vaz-hqfj" }, { "vulnerability": "VCID-2vpx-fqb6-aqfa" }, { "vulnerability": "VCID-39jx-muqb-nkfq" }, { "vulnerability": "VCID-39vn-73mc-jqav" }, { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-4wnp-gusy-43b8" }, { "vulnerability": "VCID-5dxs-cdht-27hw" }, { "vulnerability": "VCID-5u2f-5zzf-j3e4" }, { "vulnerability": "VCID-66kh-c1dm-8fbf" }, { "vulnerability": "VCID-66ru-n2df-b3ay" }, { "vulnerability": "VCID-6su8-bbrw-hbhp" }, { "vulnerability": "VCID-727q-h3ey-6yc9" }, { "vulnerability": "VCID-7ch1-q9f4-a7bt" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8p64-6zpt-t3av" }, { "vulnerability": "VCID-94r9-hh4g-jkej" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-9726-hafj-wkay" }, { "vulnerability": "VCID-9saf-w56y-pugz" }, { "vulnerability": "VCID-9yu1-z7c2-t3fj" }, { "vulnerability": "VCID-abjx-8v46-d7d8" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bn3p-39sv-6fdg" }, { "vulnerability": "VCID-bq2j-t19h-zyad" }, { "vulnerability": "VCID-bstt-ybrs-5ua3" }, { "vulnerability": "VCID-buj5-2t53-3kcr" }, { "vulnerability": "VCID-d6c2-upx1-e7cd" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-e564-zdku-9fc6" }, { "vulnerability": "VCID-emqq-kwjg-3kfk" }, { "vulnerability": "VCID-eutz-mj58-audb" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-f319-jpf5-hyex" }, { "vulnerability": "VCID-fdnw-2tz5-4fdr" }, { "vulnerability": "VCID-fgqa-5fx9-nkaz" }, { "vulnerability": "VCID-fh61-7rfy-s3hg" }, { "vulnerability": "VCID-fqkc-utex-3kav" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-g7mm-vjbw-bbhd" }, { "vulnerability": "VCID-gk79-jtuz-myh6" }, { "vulnerability": "VCID-gpv4-4tpd-tbaa" }, { "vulnerability": "VCID-h217-xe8x-nua3" }, { "vulnerability": "VCID-h7cg-64er-uya9" }, { "vulnerability": "VCID-h7hf-sf2q-73ay" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-hyx9-8ae6-sba8" }, { "vulnerability": "VCID-hzma-cduk-3uhp" }, { "vulnerability": "VCID-j8hk-bqnb-gycp" }, { "vulnerability": "VCID-j8sh-5evd-dkaz" }, { "vulnerability": "VCID-jeqr-9tfu-f7b2" }, { "vulnerability": "VCID-jf28-91be-6kbr" }, { "vulnerability": "VCID-jmea-qzsr-wkf4" }, { "vulnerability": "VCID-jn38-wfec-7bb2" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-jqe4-8hzb-mfea" }, { "vulnerability": "VCID-jwb1-3sbg-kfa5" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-ks1q-a8x2-uqht" }, { "vulnerability": "VCID-m3nc-xbb4-yubr" }, { "vulnerability": "VCID-mctp-nf36-7qdn" }, { "vulnerability": "VCID-nhjv-nke2-2kf8" }, { "vulnerability": "VCID-njsj-bwjq-fyap" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-nvbp-pbjw-3qgx" }, { "vulnerability": "VCID-p576-w7dd-p3h7" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-q2ym-y2rz-1bdn" }, { "vulnerability": "VCID-q52p-xfj8-gygd" }, { "vulnerability": "VCID-q7vt-19eb-sqeq" }, { "vulnerability": "VCID-qcnh-z4zh-myaw" }, { "vulnerability": "VCID-qdxh-arxx-wbcr" }, { "vulnerability": "VCID-qxab-9uwr-yqhv" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdjb-gp4t-vbgt" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-sdz8-hju8-4bcb" }, { "vulnerability": "VCID-sy7r-d6pv-yba9" }, { "vulnerability": "VCID-teby-zvvw-zkhv" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-u4tq-8qnk-5fd7" }, { "vulnerability": "VCID-u5he-6tqb-gqaf" }, { "vulnerability": "VCID-u6as-cwxc-pkhk" }, { "vulnerability": "VCID-uq77-aax5-k7d8" }, { "vulnerability": "VCID-vq15-t92r-5bhx" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-w483-prq4-rycx" }, { "vulnerability": "VCID-w58p-3wg1-7ycr" }, { "vulnerability": "VCID-wat8-4m83-hken" }, { "vulnerability": "VCID-wy45-2gmr-fkfg" }, { "vulnerability": "VCID-x175-xjek-97ds" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xh68-defe-f7ce" }, { "vulnerability": "VCID-xpxg-qq49-b7fd" }, { "vulnerability": "VCID-xvyu-2hb8-8ufh" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-ygw4-jdqu-4fbt" }, { "vulnerability": "VCID-yh6b-tc4u-v3bk" }, { "vulnerability": "VCID-yn6z-9v7k-x7br" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" }, { "vulnerability": "VCID-zgfw-pk39-gyg8" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" }, { "vulnerability": "VCID-zrz3-3dnf-tbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/52883?format=api", "purl": "pkg:composer/typo3/cms@8.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-5dxs-cdht-27hw" }, { "vulnerability": "VCID-66ru-n2df-b3ay" }, { "vulnerability": "VCID-727q-h3ey-6yc9" }, { "vulnerability": "VCID-7ch1-q9f4-a7bt" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-9saf-w56y-pugz" }, { "vulnerability": "VCID-abjx-8v46-d7d8" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bn3p-39sv-6fdg" }, { "vulnerability": "VCID-d6c2-upx1-e7cd" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-e564-zdku-9fc6" }, { "vulnerability": "VCID-emqq-kwjg-3kfk" }, { "vulnerability": "VCID-eutz-mj58-audb" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fdnw-2tz5-4fdr" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-h217-xe8x-nua3" }, { "vulnerability": "VCID-h7cg-64er-uya9" }, { "vulnerability": "VCID-h7hf-sf2q-73ay" }, { "vulnerability": "VCID-hg2n-xera-jkdh" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-jqe4-8hzb-mfea" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-mctp-nf36-7qdn" }, { "vulnerability": "VCID-njsj-bwjq-fyap" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-q52p-xfj8-gygd" }, { "vulnerability": "VCID-qv14-m93d-jyd9" }, { "vulnerability": "VCID-qxab-9uwr-yqhv" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-sy7r-d6pv-yba9" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-vq15-t92r-5bhx" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-wy45-2gmr-fkfg" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xh68-defe-f7ce" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-ygw4-jdqu-4fbt" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.3.1" } ], "aliases": [ "TYPO3-CORE-SA-2016-022" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8jcy-3kje-fqeh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40505?format=api", "vulnerability_id": "VCID-953t-q1cr-zyd6", "summary": "Cross-site Scripting\nCross-Site Scripting in Backend Modal Component.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-007/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-007/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57123?format=api", "purl": "pkg:composer/typo3/cms@7.6.32", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.32" }, { "url": "http://public2.vulnerablecode.io/api/packages/57073?format=api", "purl": "pkg:composer/typo3/cms@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bn3p-39sv-6fdg" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-qv14-m93d-jyd9" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/57074?format=api", "purl": "pkg:composer/typo3/cms@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-3ye6-vqje-abh4" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-4jck-w9ct-budk" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-7xv1-78u7-xufp" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-9adx-p876-kyb5" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cvk2-93hm-gkhx" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-qv14-m93d-jyd9" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2" } ], "aliases": [ "GMS-2018-98" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-953t-q1cr-zyd6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40086?format=api", "vulnerability_id": "VCID-abjx-8v46-d7d8", "summary": "Improper Authentication\nAuthentication Bypass in TYPO3 CMS.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-001/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56093?format=api", "purl": "pkg:composer/typo3/cms@7.6.30", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fdnw-2tz5-4fdr" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.30" }, { "url": "http://public2.vulnerablecode.io/api/packages/56094?format=api", "purl": "pkg:composer/typo3/cms@8.7.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-7ch1-q9f4-a7bt" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bn3p-39sv-6fdg" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-emqq-kwjg-3kfk" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fdnw-2tz5-4fdr" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-qv14-m93d-jyd9" }, { "vulnerability": "VCID-qxab-9uwr-yqhv" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/56095?format=api", "purl": "pkg:composer/typo3/cms@9.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-3ye6-vqje-abh4" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-4jck-w9ct-budk" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-7ch1-q9f4-a7bt" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-7xv1-78u7-xufp" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-9adx-p876-kyb5" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cvk2-93hm-gkhx" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-emqq-kwjg-3kfk" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-qv14-m93d-jyd9" }, { "vulnerability": "VCID-qxab-9uwr-yqhv" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.3.2" } ], "aliases": [ "GMS-2018-93" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-abjx-8v46-d7d8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37985?format=api", "vulnerability_id": "VCID-ansr-8m5j-pya6", "summary": "Cross-site Scripting\nMultiple Cross-Site Scripting vulnerabilities in TYPO3 backend.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-011/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-011/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52451?format=api", "purl": "pkg:composer/typo3/cms@7.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r7u-mc45-8yhe" }, { "vulnerability": "VCID-2vpx-fqb6-aqfa" }, { "vulnerability": "VCID-39jx-muqb-nkfq" }, { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-5dxs-cdht-27hw" }, { "vulnerability": "VCID-5hm4-ms5p-uuae" }, { "vulnerability": "VCID-66ru-n2df-b3ay" }, { "vulnerability": "VCID-727q-h3ey-6yc9" }, { "vulnerability": "VCID-8jcy-3kje-fqeh" }, { "vulnerability": "VCID-8p64-6zpt-t3av" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-9saf-w56y-pugz" }, { "vulnerability": "VCID-abjx-8v46-d7d8" }, { "vulnerability": "VCID-dd9u-w2y2-87h9" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-e564-zdku-9fc6" }, { "vulnerability": "VCID-eutz-mj58-audb" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-exjy-5cyn-zfg1" }, { "vulnerability": "VCID-fdnw-2tz5-4fdr" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-g9ns-sxkx-aqh1" }, { "vulnerability": "VCID-h217-xe8x-nua3" }, { "vulnerability": "VCID-h7cg-64er-uya9" }, { "vulnerability": "VCID-h7hf-sf2q-73ay" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-hzma-cduk-3uhp" }, { "vulnerability": "VCID-jeqr-9tfu-f7b2" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-jqe4-8hzb-mfea" }, { "vulnerability": "VCID-ks1q-a8x2-uqht" }, { "vulnerability": "VCID-m3nc-xbb4-yubr" }, { "vulnerability": "VCID-mctp-nf36-7qdn" }, { "vulnerability": "VCID-nhjv-nke2-2kf8" }, { "vulnerability": "VCID-njsj-bwjq-fyap" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-s97a-nmk8-y3ay" }, { "vulnerability": "VCID-sy7r-d6pv-yba9" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u4tq-8qnk-5fd7" }, { "vulnerability": "VCID-vq15-t92r-5bhx" }, { "vulnerability": "VCID-xh68-defe-f7ce" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y1ap-y4az-x7ec" }, { "vulnerability": "VCID-ygw4-jdqu-4fbt" }, { "vulnerability": "VCID-yn6z-9v7k-x7br" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" }, { "vulnerability": "VCID-zrz3-3dnf-tbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.1" } ], "aliases": [ "GMS-2015-87" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ansr-8m5j-pya6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40497?format=api", "vulnerability_id": "VCID-dsqm-9q3e-dudw", "summary": "Uncontrolled Resource Consumption\nDenial of Service in Online Media Asset Handling.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-011/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-011/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57123?format=api", "purl": "pkg:composer/typo3/cms@7.6.32", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.32" }, { "url": "http://public2.vulnerablecode.io/api/packages/57073?format=api", "purl": "pkg:composer/typo3/cms@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bn3p-39sv-6fdg" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-qv14-m93d-jyd9" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/57074?format=api", "purl": "pkg:composer/typo3/cms@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-3ye6-vqje-abh4" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-4jck-w9ct-budk" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-7xv1-78u7-xufp" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-9adx-p876-kyb5" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cvk2-93hm-gkhx" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-qv14-m93d-jyd9" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2" } ], "aliases": [ "GMS-2018-102" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dsqm-9q3e-dudw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37968?format=api", "vulnerability_id": "VCID-e82x-2cdb-7fgn", "summary": "Cross-site Scripting\nCross-Site Scripting vulnerability in typolinks.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-012/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-012/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52451?format=api", "purl": "pkg:composer/typo3/cms@7.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r7u-mc45-8yhe" }, { "vulnerability": "VCID-2vpx-fqb6-aqfa" }, { "vulnerability": "VCID-39jx-muqb-nkfq" }, { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-5dxs-cdht-27hw" }, { "vulnerability": "VCID-5hm4-ms5p-uuae" }, { "vulnerability": "VCID-66ru-n2df-b3ay" }, { "vulnerability": "VCID-727q-h3ey-6yc9" }, { "vulnerability": "VCID-8jcy-3kje-fqeh" }, { "vulnerability": "VCID-8p64-6zpt-t3av" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-9saf-w56y-pugz" }, { "vulnerability": "VCID-abjx-8v46-d7d8" }, { "vulnerability": "VCID-dd9u-w2y2-87h9" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-e564-zdku-9fc6" }, { "vulnerability": "VCID-eutz-mj58-audb" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-exjy-5cyn-zfg1" }, { "vulnerability": "VCID-fdnw-2tz5-4fdr" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-g9ns-sxkx-aqh1" }, { "vulnerability": "VCID-h217-xe8x-nua3" }, { "vulnerability": "VCID-h7cg-64er-uya9" }, { "vulnerability": "VCID-h7hf-sf2q-73ay" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-hzma-cduk-3uhp" }, { "vulnerability": "VCID-jeqr-9tfu-f7b2" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-jqe4-8hzb-mfea" }, { "vulnerability": "VCID-ks1q-a8x2-uqht" }, { "vulnerability": "VCID-m3nc-xbb4-yubr" }, { "vulnerability": "VCID-mctp-nf36-7qdn" }, { "vulnerability": "VCID-nhjv-nke2-2kf8" }, { "vulnerability": "VCID-njsj-bwjq-fyap" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-s97a-nmk8-y3ay" }, { "vulnerability": "VCID-sy7r-d6pv-yba9" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u4tq-8qnk-5fd7" }, { "vulnerability": "VCID-vq15-t92r-5bhx" }, { "vulnerability": "VCID-xh68-defe-f7ce" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y1ap-y4az-x7ec" }, { "vulnerability": "VCID-ygw4-jdqu-4fbt" }, { "vulnerability": "VCID-yn6z-9v7k-x7br" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" }, { "vulnerability": "VCID-zrz3-3dnf-tbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.1" } ], "aliases": [ "GMS-2015-88" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e82x-2cdb-7fgn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54233?format=api", "vulnerability_id": "VCID-ev4k-5k1d-2bhu", "summary": "URL Redirection to Untrusted Site (Open Redirect)\nLogin Handling is susceptible to open redirection which allows attackers redirecting to arbitrary content, and conducting phishing attacks. No authentication is required in order to exploit this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21338", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48774", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21338" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21338.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21338.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21338.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21338.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp" }, { "reference_url": "https://packagist.org/packages/typo3/cms-core", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-001", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-001" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21338", "reference_id": "CVE-2021-21338", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21338" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58449?format=api", "purl": "pkg:composer/typo3/cms@7.6.51", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-uq77-aax5-k7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.51" }, { "url": "http://public2.vulnerablecode.io/api/packages/58450?format=api", "purl": "pkg:composer/typo3/cms@8.7.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-j8hk-bqnb-gycp" }, { "vulnerability": "VCID-sdjb-gp4t-vbgt" }, { "vulnerability": "VCID-uq77-aax5-k7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.40" }, { "url": "http://public2.vulnerablecode.io/api/packages/80032?format=api", "purl": "pkg:composer/typo3/cms@9.5.25", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/80033?format=api", "purl": "pkg:composer/typo3/cms@10.4.14", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/80034?format=api", "purl": "pkg:composer/typo3/cms@11.1.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.1.1" } ], "aliases": [ "CVE-2021-21338", "GHSA-4jhw-2p6j-5wmp" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ev4k-5k1d-2bhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40504?format=api", "vulnerability_id": "VCID-fdnw-2tz5-4fdr", "summary": "Uncontrolled Resource Consumption\nDenial of Service in Frontend Record Registration.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-012/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-012/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57123?format=api", "purl": "pkg:composer/typo3/cms@7.6.32", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.32" }, { "url": "http://public2.vulnerablecode.io/api/packages/57073?format=api", "purl": "pkg:composer/typo3/cms@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bn3p-39sv-6fdg" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-qv14-m93d-jyd9" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/55352?format=api", "purl": "pkg:composer/typo3/cms@9.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11u3-8xzy-jfhh" }, { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-28fn-ncj5-2ufk" }, { "vulnerability": "VCID-2rhr-8vaz-hqfj" }, { "vulnerability": "VCID-39vn-73mc-jqav" }, { "vulnerability": "VCID-3k2k-a3gb-n3ba" }, { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-3ye6-vqje-abh4" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-4jck-w9ct-budk" }, { "vulnerability": "VCID-66kh-c1dm-8fbf" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-7ch1-q9f4-a7bt" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-7xv1-78u7-xufp" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-94r9-hh4g-jkej" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-9adx-p876-kyb5" }, { "vulnerability": "VCID-9yu1-z7c2-t3fj" }, { "vulnerability": "VCID-a1g9-pyz5-9fca" }, { "vulnerability": "VCID-abjx-8v46-d7d8" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-buj5-2t53-3kcr" }, { "vulnerability": "VCID-cvk2-93hm-gkhx" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-emqq-kwjg-3kfk" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-f319-jpf5-hyex" }, { "vulnerability": "VCID-f4n7-q72x-3yea" }, { "vulnerability": "VCID-fpa2-ffg1-fyaa" }, { "vulnerability": "VCID-fqkc-utex-3kav" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-gpv4-4tpd-tbaa" }, { "vulnerability": "VCID-hknp-f88a-kqec" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-j8hk-bqnb-gycp" }, { "vulnerability": "VCID-je4q-svfw-hqda" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-jwb1-3sbg-kfa5" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-njsj-bwjq-fyap" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-p576-w7dd-p3h7" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-q2t1-kx56-s3c3" }, { "vulnerability": "VCID-q7vt-19eb-sqeq" }, { "vulnerability": "VCID-qcnh-z4zh-myaw" }, { "vulnerability": "VCID-qdxh-arxx-wbcr" }, { "vulnerability": "VCID-qv14-m93d-jyd9" }, { "vulnerability": "VCID-qxab-9uwr-yqhv" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdjb-gp4t-vbgt" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-teby-zvvw-zkhv" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-u6as-cwxc-pkhk" }, { "vulnerability": "VCID-uq77-aax5-k7d8" }, { "vulnerability": "VCID-vq15-t92r-5bhx" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-w1wb-mq2y-dfca" }, { "vulnerability": "VCID-w7z1-aw31-vugx" }, { "vulnerability": "VCID-wat8-4m83-hken" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xvyu-2hb8-8ufh" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-yh6b-tc4u-v3bk" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zgfw-pk39-gyg8" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.0.0" } ], "aliases": [ "GMS-2018-103" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fdnw-2tz5-4fdr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54220?format=api", "vulnerability_id": "VCID-fqkx-v8t5-q3h6", "summary": "Cleartext Storage of Sensitive Information\nUser session identifiers are stored in cleartext - without processing of additional cryptographic hashing algorithms. This vulnerability cannot be exploited directly and occurs in combination with a chained attack - for example SQL injection in any other component of the system.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21339", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32224", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21339" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21339.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21339.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21339.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21339.yaml" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch" }, { "reference_url": "https://packagist.org/packages/typo3/cms-core", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-core" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-006", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-006" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21339", "reference_id": "CVE-2021-21339", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21339" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58449?format=api", "purl": "pkg:composer/typo3/cms@7.6.51", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-uq77-aax5-k7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.51" }, { "url": "http://public2.vulnerablecode.io/api/packages/58450?format=api", "purl": "pkg:composer/typo3/cms@8.7.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-j8hk-bqnb-gycp" }, { "vulnerability": "VCID-sdjb-gp4t-vbgt" }, { "vulnerability": "VCID-uq77-aax5-k7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.40" }, { "url": "http://public2.vulnerablecode.io/api/packages/80032?format=api", "purl": "pkg:composer/typo3/cms@9.5.25", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/80033?format=api", "purl": "pkg:composer/typo3/cms@10.4.14", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/80034?format=api", "purl": "pkg:composer/typo3/cms@11.1.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.1.1" } ], "aliases": [ "CVE-2021-21339", "GHSA-qx3w-4864-94ch" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fqkx-v8t5-q3h6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40507?format=api", "vulnerability_id": "VCID-hp99-ncuh-6ugv", "summary": "Cross-site Scripting\nCross-Site Scripting in Frontend User Login.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-008/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-008/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57123?format=api", "purl": "pkg:composer/typo3/cms@7.6.32", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.32" }, { "url": "http://public2.vulnerablecode.io/api/packages/57073?format=api", "purl": "pkg:composer/typo3/cms@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bn3p-39sv-6fdg" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-qv14-m93d-jyd9" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/57074?format=api", "purl": "pkg:composer/typo3/cms@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-3ye6-vqje-abh4" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-4jck-w9ct-budk" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-7xv1-78u7-xufp" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-9adx-p876-kyb5" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cvk2-93hm-gkhx" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-qv14-m93d-jyd9" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2" } ], "aliases": [ "GMS-2018-99" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hp99-ncuh-6ugv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54221?format=api", "vulnerability_id": "VCID-jp1p-rfxa-hyd9", "summary": "Cross-site Scripting\nContent elements of type `_menu_` are vulnerable to cross-site scripting when their referenced items get previewed in the page module. A valid backend user account is needed to exploit this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21370", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.57112", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21370" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21370.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21370.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21370.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21370.yaml" }, { "reference_url": "https://packagist.org/packages/typo3/cms-backend", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/typo3/cms-backend" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2021-008", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2021-008" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21370", "reference_id": "CVE-2021-21370", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21370" }, { "reference_url": "https://github.com/advisories/GHSA-x7hc-x7fm-f7qh", "reference_id": "GHSA-x7hc-x7fm-f7qh", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-x7hc-x7fm-f7qh" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x7hc-x7fm-f7qh", "reference_id": "GHSA-x7hc-x7fm-f7qh", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-x7hc-x7fm-f7qh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58449?format=api", "purl": "pkg:composer/typo3/cms@7.6.51", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-uq77-aax5-k7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.51" }, { "url": "http://public2.vulnerablecode.io/api/packages/58450?format=api", "purl": "pkg:composer/typo3/cms@8.7.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-j8hk-bqnb-gycp" }, { "vulnerability": "VCID-sdjb-gp4t-vbgt" }, { "vulnerability": "VCID-uq77-aax5-k7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.40" }, { "url": "http://public2.vulnerablecode.io/api/packages/80032?format=api", "purl": "pkg:composer/typo3/cms@9.5.25", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/80033?format=api", "purl": "pkg:composer/typo3/cms@10.4.14", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/80034?format=api", "purl": "pkg:composer/typo3/cms@11.1.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.1.1" } ], "aliases": [ "CVE-2021-21370", "GHSA-x7hc-x7fm-f7qh" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jp1p-rfxa-hyd9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40511?format=api", "vulnerability_id": "VCID-jq5y-7h9g-mufa", "summary": "Information Disclosure in Install Tool.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-010/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-010/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57123?format=api", "purl": "pkg:composer/typo3/cms@7.6.32", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.32" }, { "url": "http://public2.vulnerablecode.io/api/packages/57073?format=api", "purl": "pkg:composer/typo3/cms@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bn3p-39sv-6fdg" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-qv14-m93d-jyd9" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/57074?format=api", "purl": "pkg:composer/typo3/cms@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-3ye6-vqje-abh4" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-4jck-w9ct-budk" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-7xv1-78u7-xufp" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-9adx-p876-kyb5" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cvk2-93hm-gkhx" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-qv14-m93d-jyd9" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2" } ], "aliases": [ "GMS-2018-101" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jq5y-7h9g-mufa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37983?format=api", "vulnerability_id": "VCID-n18b-qe5x-z7cj", "summary": "Cross-Site Scripting vulnerability in typolinks\nAll link fields within the TYPO3 installation are vulnerable to Cross-Site Scripting as authorized editors can insert javascript commands by using the url scheme \"javascript:\".", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-012/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-012/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52451?format=api", "purl": "pkg:composer/typo3/cms@7.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r7u-mc45-8yhe" }, { "vulnerability": "VCID-2vpx-fqb6-aqfa" }, { "vulnerability": "VCID-39jx-muqb-nkfq" }, { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-5dxs-cdht-27hw" }, { "vulnerability": "VCID-5hm4-ms5p-uuae" }, { "vulnerability": "VCID-66ru-n2df-b3ay" }, { "vulnerability": "VCID-727q-h3ey-6yc9" }, { "vulnerability": "VCID-8jcy-3kje-fqeh" }, { "vulnerability": "VCID-8p64-6zpt-t3av" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-9saf-w56y-pugz" }, { "vulnerability": "VCID-abjx-8v46-d7d8" }, { "vulnerability": "VCID-dd9u-w2y2-87h9" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-e564-zdku-9fc6" }, { "vulnerability": "VCID-eutz-mj58-audb" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-exjy-5cyn-zfg1" }, { "vulnerability": "VCID-fdnw-2tz5-4fdr" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-g9ns-sxkx-aqh1" }, { "vulnerability": "VCID-h217-xe8x-nua3" }, { "vulnerability": "VCID-h7cg-64er-uya9" }, { "vulnerability": "VCID-h7hf-sf2q-73ay" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-hzma-cduk-3uhp" }, { "vulnerability": "VCID-jeqr-9tfu-f7b2" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-jqe4-8hzb-mfea" }, { "vulnerability": "VCID-ks1q-a8x2-uqht" }, { "vulnerability": "VCID-m3nc-xbb4-yubr" }, { "vulnerability": "VCID-mctp-nf36-7qdn" }, { "vulnerability": "VCID-nhjv-nke2-2kf8" }, { "vulnerability": "VCID-njsj-bwjq-fyap" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-s97a-nmk8-y3ay" }, { "vulnerability": "VCID-sy7r-d6pv-yba9" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u4tq-8qnk-5fd7" }, { "vulnerability": "VCID-vq15-t92r-5bhx" }, { "vulnerability": "VCID-xh68-defe-f7ce" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y1ap-y4az-x7ec" }, { "vulnerability": "VCID-ygw4-jdqu-4fbt" }, { "vulnerability": "VCID-yn6z-9v7k-x7br" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" }, { "vulnerability": "VCID-zrz3-3dnf-tbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.1" } ], "aliases": [ "TYPO3-CORE-SA-2015-012" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n18b-qe5x-z7cj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38128?format=api", "vulnerability_id": "VCID-nhjv-nke2-2kf8", "summary": "Missing Access Check\nExtbase request handling fails to implement a proper access check for requested controller/ action combinations, which makes it possible for an attacker to execute arbitrary Extbase actions by crafting a special request. To successfully exploit this vulnerability, an attacker must have access to at least one Extbase plugin or module action in a TYPO3 installation. The missing access check inevitably leads to information disclosure or remote code execution, depending on the action that an attacker is able to execute.", "references": [ { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/commit/21ed4054212babb7ec75d80a24f95c6ba25bd2fb", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/TYPO3/TYPO3.CMS/commit/21ed4054212babb7ec75d80a24f95c6ba25bd2fb" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/commit/404f09d491c96b294ded5e2741277dfbeba92807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/TYPO3/TYPO3.CMS/commit/404f09d491c96b294ded5e2741277dfbeba92807" }, { "reference_url": "https://github.com/TYPO3/TYPO3.CMS/commit/c10db60dfc87c33542c418fa316754a5309c3e26", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/TYPO3/TYPO3.CMS/commit/c10db60dfc87c33542c418fa316754a5309c3e26" }, { "reference_url": "https://typo3.org/teamssecuritysecurity-bulletins/security-bulletins-single-view/article/missing-access-check-in-typo3-cms/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teamssecuritysecurity-bulletins/security-bulletins-single-view/article/missing-access-check-in-typo3-cms/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52709?format=api", "purl": "pkg:composer/typo3/cms@7.6.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2vpx-fqb6-aqfa" }, { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-5dxs-cdht-27hw" }, { "vulnerability": "VCID-5hm4-ms5p-uuae" }, { "vulnerability": "VCID-66ru-n2df-b3ay" }, { "vulnerability": "VCID-727q-h3ey-6yc9" }, { "vulnerability": "VCID-8jcy-3kje-fqeh" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-9saf-w56y-pugz" }, { "vulnerability": "VCID-abjx-8v46-d7d8" }, { "vulnerability": "VCID-dd9u-w2y2-87h9" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-e564-zdku-9fc6" }, { "vulnerability": "VCID-eutz-mj58-audb" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fdnw-2tz5-4fdr" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-h217-xe8x-nua3" }, { "vulnerability": "VCID-h7cg-64er-uya9" }, { "vulnerability": "VCID-h7hf-sf2q-73ay" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-hzma-cduk-3uhp" }, { "vulnerability": "VCID-jeqr-9tfu-f7b2" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-jqe4-8hzb-mfea" }, { "vulnerability": "VCID-ks1q-a8x2-uqht" }, { "vulnerability": "VCID-m3nc-xbb4-yubr" }, { "vulnerability": "VCID-mctp-nf36-7qdn" }, { "vulnerability": "VCID-njsj-bwjq-fyap" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-sy7r-d6pv-yba9" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-vq15-t92r-5bhx" }, { "vulnerability": "VCID-xh68-defe-f7ce" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-ygw4-jdqu-4fbt" }, { "vulnerability": "VCID-yn6z-9v7k-x7br" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" }, { "vulnerability": "VCID-zrz3-3dnf-tbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/52710?format=api", "purl": "pkg:composer/typo3/cms@8.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-2vpx-fqb6-aqfa" }, { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-5dxs-cdht-27hw" }, { "vulnerability": "VCID-5hm4-ms5p-uuae" }, { "vulnerability": "VCID-66ru-n2df-b3ay" }, { "vulnerability": "VCID-727q-h3ey-6yc9" }, { "vulnerability": "VCID-7ch1-q9f4-a7bt" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8jcy-3kje-fqeh" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-9saf-w56y-pugz" }, { "vulnerability": "VCID-abjx-8v46-d7d8" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bn3p-39sv-6fdg" }, { "vulnerability": "VCID-d6c2-upx1-e7cd" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-e564-zdku-9fc6" }, { "vulnerability": "VCID-emqq-kwjg-3kfk" }, { "vulnerability": "VCID-eutz-mj58-audb" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fdnw-2tz5-4fdr" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-gk79-jtuz-myh6" }, { "vulnerability": "VCID-h217-xe8x-nua3" }, { "vulnerability": "VCID-h7cg-64er-uya9" }, { "vulnerability": "VCID-h7hf-sf2q-73ay" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-hzma-cduk-3uhp" }, { "vulnerability": "VCID-jeqr-9tfu-f7b2" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-jqe4-8hzb-mfea" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-ks1q-a8x2-uqht" }, { "vulnerability": "VCID-m3nc-xbb4-yubr" }, { "vulnerability": "VCID-mctp-nf36-7qdn" }, { "vulnerability": "VCID-njsj-bwjq-fyap" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-q52p-xfj8-gygd" }, { "vulnerability": "VCID-qxab-9uwr-yqhv" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-sy7r-d6pv-yba9" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-vq15-t92r-5bhx" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-wy45-2gmr-fkfg" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xh68-defe-f7ce" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-ygw4-jdqu-4fbt" }, { "vulnerability": "VCID-yn6z-9v7k-x7br" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" }, { "vulnerability": "VCID-zrz3-3dnf-tbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.1.1" } ], "aliases": [ "TYPO3-CORE-SA-2016-013" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nhjv-nke2-2kf8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40087?format=api", "vulnerability_id": "VCID-njsj-bwjq-fyap", "summary": "Insecure Deserialization & Arbitrary Code Execution in TYPO3 CMS.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-002/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56093?format=api", "purl": "pkg:composer/typo3/cms@7.6.30", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fdnw-2tz5-4fdr" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.30" }, { "url": "http://public2.vulnerablecode.io/api/packages/56094?format=api", "purl": "pkg:composer/typo3/cms@8.7.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-7ch1-q9f4-a7bt" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bn3p-39sv-6fdg" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-emqq-kwjg-3kfk" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fdnw-2tz5-4fdr" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-qv14-m93d-jyd9" }, { "vulnerability": "VCID-qxab-9uwr-yqhv" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/56095?format=api", "purl": "pkg:composer/typo3/cms@9.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-3ye6-vqje-abh4" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-4jck-w9ct-budk" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-7ch1-q9f4-a7bt" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-7xv1-78u7-xufp" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-9adx-p876-kyb5" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cvk2-93hm-gkhx" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-emqq-kwjg-3kfk" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-qv14-m93d-jyd9" }, { "vulnerability": "VCID-qxab-9uwr-yqhv" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.3.2" } ], "aliases": [ "GMS-2018-94" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-njsj-bwjq-fyap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52113?format=api", "vulnerability_id": "VCID-p7gd-anw2-1qbz", "summary": "Deserialization of Untrusted Data\nIt has been discovered that the classes `QueryGenerator` and `QueryView` are vulnerable to insecure deserialization. One exploitable scenario requires having the system extension `ext:lowlevel` (Backend Module `DB Check`) installed, with a valid backend user who has administrator privileges. The other exploitable scenario requires having the system extension `ext:sys_action` installed, with a valid backend user who has limited privileges.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19849", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.7342", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19849" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-19849.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-19849.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-19849.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-19849.yaml" }, { "reference_url": "https://review.typo3.org/q/%2522Resolves:+%252389005%2522+topic:security", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://review.typo3.org/q/%2522Resolves:+%252389005%2522+topic:security" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-026", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-026" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-026/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-026/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19849", "reference_id": "CVE-2019-19849", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19849" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/76375?format=api", "purl": "pkg:composer/typo3/cms@8.7.30", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.30" }, { "url": "http://public2.vulnerablecode.io/api/packages/76376?format=api", "purl": "pkg:composer/typo3/cms@9.5.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-bcbd-zzet-mff6" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/81802?format=api", "purl": "pkg:composer/typo3/cms@10.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-2tz2-8qdm-2kcv" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-6urp-p9mn-cffv" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-bcbd-zzet-mff6" }, { "vulnerability": "VCID-c46m-ht19-ybc4" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-r3az-g422-gqf9" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/76377?format=api", "purl": "pkg:composer/typo3/cms@10.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-2tz2-8qdm-2kcv" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-6urp-p9mn-cffv" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-bcbd-zzet-mff6" }, { "vulnerability": "VCID-c46m-ht19-ybc4" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-r3az-g422-gqf9" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.2.2" } ], "aliases": [ "CVE-2019-19849", "GHSA-rcgc-4xfc-564v" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p7gd-anw2-1qbz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37986?format=api", "vulnerability_id": "VCID-u6h1-ccgw-jqds", "summary": "Cross-site Scripting\nMultiple Cross-Site Scripting vulnerabilities in frontend.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-013/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-013/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52451?format=api", "purl": "pkg:composer/typo3/cms@7.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r7u-mc45-8yhe" }, { "vulnerability": "VCID-2vpx-fqb6-aqfa" }, { "vulnerability": "VCID-39jx-muqb-nkfq" }, { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-5dxs-cdht-27hw" }, { "vulnerability": "VCID-5hm4-ms5p-uuae" }, { "vulnerability": "VCID-66ru-n2df-b3ay" }, { "vulnerability": "VCID-727q-h3ey-6yc9" }, { "vulnerability": "VCID-8jcy-3kje-fqeh" }, { "vulnerability": "VCID-8p64-6zpt-t3av" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-9saf-w56y-pugz" }, { "vulnerability": "VCID-abjx-8v46-d7d8" }, { "vulnerability": "VCID-dd9u-w2y2-87h9" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-e564-zdku-9fc6" }, { "vulnerability": "VCID-eutz-mj58-audb" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-exjy-5cyn-zfg1" }, { "vulnerability": "VCID-fdnw-2tz5-4fdr" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-g9ns-sxkx-aqh1" }, { "vulnerability": "VCID-h217-xe8x-nua3" }, { "vulnerability": "VCID-h7cg-64er-uya9" }, { "vulnerability": "VCID-h7hf-sf2q-73ay" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-hzma-cduk-3uhp" }, { "vulnerability": "VCID-jeqr-9tfu-f7b2" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-jqe4-8hzb-mfea" }, { "vulnerability": "VCID-ks1q-a8x2-uqht" }, { "vulnerability": "VCID-m3nc-xbb4-yubr" }, { "vulnerability": "VCID-mctp-nf36-7qdn" }, { "vulnerability": "VCID-nhjv-nke2-2kf8" }, { "vulnerability": "VCID-njsj-bwjq-fyap" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-s97a-nmk8-y3ay" }, { "vulnerability": "VCID-sy7r-d6pv-yba9" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u4tq-8qnk-5fd7" }, { "vulnerability": "VCID-vq15-t92r-5bhx" }, { "vulnerability": "VCID-xh68-defe-f7ce" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y1ap-y4az-x7ec" }, { "vulnerability": "VCID-ygw4-jdqu-4fbt" }, { "vulnerability": "VCID-yn6z-9v7k-x7br" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" }, { "vulnerability": "VCID-zrz3-3dnf-tbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.1" } ], "aliases": [ "GMS-2015-89" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u6h1-ccgw-jqds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37975?format=api", "vulnerability_id": "VCID-ub3e-hrb1-wqac", "summary": "Multiple Cross-Site Scripting vulnerabilities in frontend\nFailing to properly encode editor input, several frontend components are susceptible to Cross-Site Scripting, allowing authenticated editors to inject arbitrary HTML.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-013/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-013/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52451?format=api", "purl": "pkg:composer/typo3/cms@7.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r7u-mc45-8yhe" }, { "vulnerability": "VCID-2vpx-fqb6-aqfa" }, { "vulnerability": "VCID-39jx-muqb-nkfq" }, { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-5dxs-cdht-27hw" }, { "vulnerability": "VCID-5hm4-ms5p-uuae" }, { "vulnerability": "VCID-66ru-n2df-b3ay" }, { "vulnerability": "VCID-727q-h3ey-6yc9" }, { "vulnerability": "VCID-8jcy-3kje-fqeh" }, { "vulnerability": "VCID-8p64-6zpt-t3av" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-9saf-w56y-pugz" }, { "vulnerability": "VCID-abjx-8v46-d7d8" }, { "vulnerability": "VCID-dd9u-w2y2-87h9" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-e564-zdku-9fc6" }, { "vulnerability": "VCID-eutz-mj58-audb" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-exjy-5cyn-zfg1" }, { "vulnerability": "VCID-fdnw-2tz5-4fdr" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-g9ns-sxkx-aqh1" }, { "vulnerability": "VCID-h217-xe8x-nua3" }, { "vulnerability": "VCID-h7cg-64er-uya9" }, { "vulnerability": "VCID-h7hf-sf2q-73ay" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-hzma-cduk-3uhp" }, { "vulnerability": "VCID-jeqr-9tfu-f7b2" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-jqe4-8hzb-mfea" }, { "vulnerability": "VCID-ks1q-a8x2-uqht" }, { "vulnerability": "VCID-m3nc-xbb4-yubr" }, { "vulnerability": "VCID-mctp-nf36-7qdn" }, { "vulnerability": "VCID-nhjv-nke2-2kf8" }, { "vulnerability": "VCID-njsj-bwjq-fyap" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-s97a-nmk8-y3ay" }, { "vulnerability": "VCID-sy7r-d6pv-yba9" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u4tq-8qnk-5fd7" }, { "vulnerability": "VCID-vq15-t92r-5bhx" }, { "vulnerability": "VCID-xh68-defe-f7ce" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y1ap-y4az-x7ec" }, { "vulnerability": "VCID-ygw4-jdqu-4fbt" }, { "vulnerability": "VCID-yn6z-9v7k-x7br" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" }, { "vulnerability": "VCID-zrz3-3dnf-tbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.1" } ], "aliases": [ "TYPO3-CORE-SA-2015-013" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ub3e-hrb1-wqac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39555?format=api", "vulnerability_id": "VCID-vq15-t92r-5bhx", "summary": "Cross-site Scripting\nThe page module in TYPO3 is vulnerable to XSS via `$GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename']`, as demonstrated by an admin entering a crafted site name during the installation process.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-6905", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02274", "scoring_system": "epss", "scoring_elements": "0.8496", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-6905" }, { "reference_url": "https://forge.typo3.org/issues/84191", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://forge.typo3.org/issues/84191" }, { "reference_url": "https://github.com/pradeepjairamani/TYPO3-XSS-POC", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pradeepjairamani/TYPO3-XSS-POC" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/d2c0ea7db3b31a796a82f9d39f77f9983beb7c35", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/d2c0ea7db3b31a796a82f9d39f77f9983beb7c35" }, { "reference_url": "http://www.securitytracker.com/id/1040755", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securitytracker.com/id/1040755" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6905", "reference_id": "CVE-2018-6905", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6905" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/55353?format=api", "purl": "pkg:composer/typo3/cms@8.7.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-7ch1-q9f4-a7bt" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-abjx-8v46-d7d8" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bn3p-39sv-6fdg" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-emqq-kwjg-3kfk" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fdnw-2tz5-4fdr" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-je4q-svfw-hqda" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-njsj-bwjq-fyap" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-qv14-m93d-jyd9" }, { "vulnerability": "VCID-qxab-9uwr-yqhv" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-w1wb-mq2y-dfca" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/55354?format=api", "purl": "pkg:composer/typo3/cms@9.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-3ye6-vqje-abh4" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-4jck-w9ct-budk" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-7ch1-q9f4-a7bt" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-7xv1-78u7-xufp" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-9adx-p876-kyb5" }, { "vulnerability": "VCID-abjx-8v46-d7d8" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cvk2-93hm-gkhx" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-emqq-kwjg-3kfk" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-je4q-svfw-hqda" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-njsj-bwjq-fyap" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-qv14-m93d-jyd9" }, { "vulnerability": "VCID-qxab-9uwr-yqhv" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-w1wb-mq2y-dfca" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/155544?format=api", "purl": "pkg:composer/typo3/cms@9.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-3ye6-vqje-abh4" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-4jck-w9ct-budk" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-7ch1-q9f4-a7bt" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-7xv1-78u7-xufp" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-9adx-p876-kyb5" }, { "vulnerability": "VCID-abjx-8v46-d7d8" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cvk2-93hm-gkhx" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-emqq-kwjg-3kfk" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-je4q-svfw-hqda" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-njsj-bwjq-fyap" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-qv14-m93d-jyd9" }, { "vulnerability": "VCID-qxab-9uwr-yqhv" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-w1wb-mq2y-dfca" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.2.0" } ], "aliases": [ "CVE-2018-6905", "GHSA-3w22-wrwx-2r75" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vq15-t92r-5bhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37977?format=api", "vulnerability_id": "VCID-wms8-dnuz-b3hc", "summary": "Multiple Cross-Site Scripting vulnerabilities in backend\nFailing to properly encode user input, several backend components are susceptible to Cross-Site Scripting, allowing authenticated editors to inject arbitrary HTML or JavaScript.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-011/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-011/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52451?format=api", "purl": "pkg:composer/typo3/cms@7.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r7u-mc45-8yhe" }, { "vulnerability": "VCID-2vpx-fqb6-aqfa" }, { "vulnerability": "VCID-39jx-muqb-nkfq" }, { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-5dxs-cdht-27hw" }, { "vulnerability": "VCID-5hm4-ms5p-uuae" }, { "vulnerability": "VCID-66ru-n2df-b3ay" }, { "vulnerability": "VCID-727q-h3ey-6yc9" }, { "vulnerability": "VCID-8jcy-3kje-fqeh" }, { "vulnerability": "VCID-8p64-6zpt-t3av" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-9saf-w56y-pugz" }, { "vulnerability": "VCID-abjx-8v46-d7d8" }, { "vulnerability": "VCID-dd9u-w2y2-87h9" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-e564-zdku-9fc6" }, { "vulnerability": "VCID-eutz-mj58-audb" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-exjy-5cyn-zfg1" }, { "vulnerability": "VCID-fdnw-2tz5-4fdr" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-g9ns-sxkx-aqh1" }, { "vulnerability": "VCID-h217-xe8x-nua3" }, { "vulnerability": "VCID-h7cg-64er-uya9" }, { "vulnerability": "VCID-h7hf-sf2q-73ay" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-hzma-cduk-3uhp" }, { "vulnerability": "VCID-jeqr-9tfu-f7b2" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-jqe4-8hzb-mfea" }, { "vulnerability": "VCID-ks1q-a8x2-uqht" }, { "vulnerability": "VCID-m3nc-xbb4-yubr" }, { "vulnerability": "VCID-mctp-nf36-7qdn" }, { "vulnerability": "VCID-nhjv-nke2-2kf8" }, { "vulnerability": "VCID-njsj-bwjq-fyap" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-s97a-nmk8-y3ay" }, { "vulnerability": "VCID-sy7r-d6pv-yba9" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u4tq-8qnk-5fd7" }, { "vulnerability": "VCID-vq15-t92r-5bhx" }, { "vulnerability": "VCID-xh68-defe-f7ce" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y1ap-y4az-x7ec" }, { "vulnerability": "VCID-ygw4-jdqu-4fbt" }, { "vulnerability": "VCID-yn6z-9v7k-x7br" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" }, { "vulnerability": "VCID-zrz3-3dnf-tbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.1" } ], "aliases": [ "TYPO3-CORE-SA-2015-011" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wms8-dnuz-b3hc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52106?format=api", "vulnerability_id": "VCID-xw1s-93bu-wuh9", "summary": "Path Traversal\nIt has been discovered that the extraction of manually uploaded ZIP archives in Extension Manager is vulnerable to directory traversal. Admin privileges are required in order to exploit this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19848", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59393", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19848" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-19848.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-19848.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-19848.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-19848.yaml" }, { "reference_url": "https://review.typo3.org/q/%2522Resolves:+%252388764%2522+topic:security", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://review.typo3.org/q/%2522Resolves:+%252388764%2522+topic:security" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-024", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-024" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2019-024/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2019-024/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19848", "reference_id": "CVE-2019-19848", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19848" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/76375?format=api", "purl": "pkg:composer/typo3/cms@8.7.30", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.30" }, { "url": "http://public2.vulnerablecode.io/api/packages/76376?format=api", "purl": "pkg:composer/typo3/cms@9.5.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-bcbd-zzet-mff6" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/76377?format=api", "purl": "pkg:composer/typo3/cms@10.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-2tz2-8qdm-2kcv" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-6urp-p9mn-cffv" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-bcbd-zzet-mff6" }, { "vulnerability": "VCID-c46m-ht19-ybc4" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-r3az-g422-gqf9" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.2.2" } ], "aliases": [ "CVE-2019-19848", "GHSA-77p4-wfr8-977w" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xw1s-93bu-wuh9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40503?format=api", "vulnerability_id": "VCID-yz6t-ge1y-qfgr", "summary": "Security Misconfiguration in Install Tool Cookie.", "references": [ { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2018-009/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-core-sa-2018-009/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57123?format=api", "purl": "pkg:composer/typo3/cms@7.6.32", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.32" }, { "url": "http://public2.vulnerablecode.io/api/packages/57073?format=api", "purl": "pkg:composer/typo3/cms@8.7.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bn3p-39sv-6fdg" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-qv14-m93d-jyd9" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/57074?format=api", "purl": "pkg:composer/typo3/cms@9.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ffs-9vj5-27hk" }, { "vulnerability": "VCID-1sfk-z8py-ykb8" }, { "vulnerability": "VCID-3ye6-vqje-abh4" }, { "vulnerability": "VCID-4an7-9ph4-mkd4" }, { "vulnerability": "VCID-4eym-e6vt-8fbs" }, { "vulnerability": "VCID-4jck-w9ct-budk" }, { "vulnerability": "VCID-6mnf-2fcw-dqgp" }, { "vulnerability": "VCID-7m6u-k5tp-gkhy" }, { "vulnerability": "VCID-7xv1-78u7-xufp" }, { "vulnerability": "VCID-848u-w88s-5bbe" }, { "vulnerability": "VCID-8w4e-d49b-nbg8" }, { "vulnerability": "VCID-9adx-p876-kyb5" }, { "vulnerability": "VCID-am6s-67bm-77dr" }, { "vulnerability": "VCID-bbh5-rss8-bfct" }, { "vulnerability": "VCID-cvk2-93hm-gkhx" }, { "vulnerability": "VCID-e6zr-4bgg-kkh5" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-fut7-bb1f-37g7" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-k5t3-28es-h3ez" }, { "vulnerability": "VCID-khpm-e1xb-hydb" }, { "vulnerability": "VCID-n1gz-y615-cbbk" }, { "vulnerability": "VCID-nney-azbc-pucg" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-pmvp-twk2-jqe4" }, { "vulnerability": "VCID-qv14-m93d-jyd9" }, { "vulnerability": "VCID-rqrw-t2kj-mud8" }, { "vulnerability": "VCID-ru6w-m6q6-27gn" }, { "vulnerability": "VCID-sdsa-mh76-kqch" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u259-2sxq-tbct" }, { "vulnerability": "VCID-vw2r-g8yy-eyf4" }, { "vulnerability": "VCID-x5x1-w7yv-eye9" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y7ds-p5r2-yuhq" }, { "vulnerability": "VCID-zeut-9wfp-q7et" }, { "vulnerability": "VCID-zkvq-bms4-gfcv" }, { "vulnerability": "VCID-zmwv-gwq3-fkej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.2" } ], "aliases": [ "GMS-2018-100" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yz6t-ge1y-qfgr" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37919?format=api", "vulnerability_id": "VCID-c57c-akce-xufq", "summary": "Cross-Site Scripting Vulnerability\nIt has been discovered, that it is possible to forge a link to a backend module, which contains a JavaScript payload. This JavaScript is executed, if an authenticated editor with access to the module follows the link that, is tricked to click on a certain HTML target. Because TYPO3 include a secret token unknown to an attacker in every URL, an exploit would not be feasible for these versions.", "references": [ { "reference_url": "http://packetstormsecurity.com/files/133551/Typo3-CMS-6.2.14-4.5.40-Cross-Site-Scripting.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/133551/Typo3-CMS-6.2.14-4.5.40-Cross-Site-Scripting.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5956", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.37817", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5956" }, { "reference_url": "http://seclists.org/fulldisclosure/2015/Sep/57", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2015/Sep/57" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2015-5956.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2015-5956.yaml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5956", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5956" }, { "reference_url": "https://review.typo3.org/#/c/43122/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://review.typo3.org/#/c/43122/" }, { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009" }, { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009/" }, { "reference_url": "http://www.securityfocus.com/archive/1/536464/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/archive/1/536464/100/0/threaded" }, { "reference_url": "http://www.securitytracker.com/id/1033551", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securitytracker.com/id/1033551" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52366?format=api", "purl": "pkg:composer/typo3/cms@6.2.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1efr-h9gq-r7h1" }, { "vulnerability": "VCID-2r7u-mc45-8yhe" }, { "vulnerability": "VCID-39jx-muqb-nkfq" }, { "vulnerability": "VCID-5dxs-cdht-27hw" }, { "vulnerability": "VCID-5hm4-ms5p-uuae" }, { "vulnerability": "VCID-727q-h3ey-6yc9" }, { "vulnerability": "VCID-8jcy-3kje-fqeh" }, { "vulnerability": "VCID-8p64-6zpt-t3av" }, { "vulnerability": "VCID-8vum-snng-jfcv" }, { "vulnerability": "VCID-ansr-8m5j-pya6" }, { "vulnerability": "VCID-dd9u-w2y2-87h9" }, { "vulnerability": "VCID-dw8z-wtph-skey" }, { "vulnerability": "VCID-e82x-2cdb-7fgn" }, { "vulnerability": "VCID-ebku-sk43-m7bf" }, { "vulnerability": "VCID-eutz-mj58-audb" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-exjy-5cyn-zfg1" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-g9ns-sxkx-aqh1" }, { "vulnerability": "VCID-h217-xe8x-nua3" }, { "vulnerability": "VCID-h7hf-sf2q-73ay" }, { "vulnerability": "VCID-huxd-2e6q-abak" }, { "vulnerability": "VCID-hzma-cduk-3uhp" }, { "vulnerability": "VCID-jeqr-9tfu-f7b2" }, { "vulnerability": "VCID-kj76-rsr8-yqb3" }, { "vulnerability": "VCID-kqu8-8c1n-73hr" }, { "vulnerability": "VCID-ks1q-a8x2-uqht" }, { "vulnerability": "VCID-m3nc-xbb4-yubr" }, { "vulnerability": "VCID-n18b-qe5x-z7cj" }, { "vulnerability": "VCID-n326-yy8y-xuap" }, { "vulnerability": "VCID-nhjv-nke2-2kf8" }, { "vulnerability": "VCID-nqqc-nkwq-rqhx" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-s97a-nmk8-y3ay" }, { "vulnerability": "VCID-sn8n-mawq-3uht" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u4tq-8qnk-5fd7" }, { "vulnerability": "VCID-u6h1-ccgw-jqds" }, { "vulnerability": "VCID-ub3e-hrb1-wqac" }, { "vulnerability": "VCID-vq15-t92r-5bhx" }, { "vulnerability": "VCID-wk4s-4bcd-2yb5" }, { "vulnerability": "VCID-wms8-dnuz-b3hc" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y1ap-y4az-x7ec" }, { "vulnerability": "VCID-yn6z-9v7k-x7br" }, { "vulnerability": "VCID-zrz3-3dnf-tbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/52367?format=api", "purl": "pkg:composer/typo3/cms@7.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-5hm4-ms5p-uuae" }, { "vulnerability": "VCID-8jcy-3kje-fqeh" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-abjx-8v46-d7d8" }, { "vulnerability": "VCID-ansr-8m5j-pya6" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-e82x-2cdb-7fgn" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fdnw-2tz5-4fdr" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-n18b-qe5x-z7cj" }, { "vulnerability": "VCID-nhjv-nke2-2kf8" }, { "vulnerability": "VCID-njsj-bwjq-fyap" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-u6h1-ccgw-jqds" }, { "vulnerability": "VCID-ub3e-hrb1-wqac" }, { "vulnerability": "VCID-vq15-t92r-5bhx" }, { "vulnerability": "VCID-wms8-dnuz-b3hc" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.4.0" } ], "aliases": [ "CVE-2015-5956", "GHSA-989h-wv8x-933p" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c57c-akce-xufq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37908?format=api", "vulnerability_id": "VCID-j6x1-dfre-2bdq", "summary": "Unauthenticated Path Disclosure\nIt has been discovered, that calling a PHP script which is delivered with TYPO3 for testing purposes, discloses the absolute server path to the TYPO3 installation.", "references": [ { "reference_url": "https://review.typo3.org/#/c/43120/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://review.typo3.org/#/c/43120/" }, { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-008/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-008/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52366?format=api", "purl": "pkg:composer/typo3/cms@6.2.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1efr-h9gq-r7h1" }, { "vulnerability": "VCID-2r7u-mc45-8yhe" }, { "vulnerability": "VCID-39jx-muqb-nkfq" }, { "vulnerability": "VCID-5dxs-cdht-27hw" }, { "vulnerability": "VCID-5hm4-ms5p-uuae" }, { "vulnerability": "VCID-727q-h3ey-6yc9" }, { "vulnerability": "VCID-8jcy-3kje-fqeh" }, { "vulnerability": "VCID-8p64-6zpt-t3av" }, { "vulnerability": "VCID-8vum-snng-jfcv" }, { "vulnerability": "VCID-ansr-8m5j-pya6" }, { "vulnerability": "VCID-dd9u-w2y2-87h9" }, { "vulnerability": "VCID-dw8z-wtph-skey" }, { "vulnerability": "VCID-e82x-2cdb-7fgn" }, { "vulnerability": "VCID-ebku-sk43-m7bf" }, { "vulnerability": "VCID-eutz-mj58-audb" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-exjy-5cyn-zfg1" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-g9ns-sxkx-aqh1" }, { "vulnerability": "VCID-h217-xe8x-nua3" }, { "vulnerability": "VCID-h7hf-sf2q-73ay" }, { "vulnerability": "VCID-huxd-2e6q-abak" }, { "vulnerability": "VCID-hzma-cduk-3uhp" }, { "vulnerability": "VCID-jeqr-9tfu-f7b2" }, { "vulnerability": "VCID-kj76-rsr8-yqb3" }, { "vulnerability": "VCID-kqu8-8c1n-73hr" }, { "vulnerability": "VCID-ks1q-a8x2-uqht" }, { "vulnerability": "VCID-m3nc-xbb4-yubr" }, { "vulnerability": "VCID-n18b-qe5x-z7cj" }, { "vulnerability": "VCID-n326-yy8y-xuap" }, { "vulnerability": "VCID-nhjv-nke2-2kf8" }, { "vulnerability": "VCID-nqqc-nkwq-rqhx" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-s97a-nmk8-y3ay" }, { "vulnerability": "VCID-sn8n-mawq-3uht" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u4tq-8qnk-5fd7" }, { "vulnerability": "VCID-u6h1-ccgw-jqds" }, { "vulnerability": "VCID-ub3e-hrb1-wqac" }, { "vulnerability": "VCID-vq15-t92r-5bhx" }, { "vulnerability": "VCID-wk4s-4bcd-2yb5" }, { "vulnerability": "VCID-wms8-dnuz-b3hc" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y1ap-y4az-x7ec" }, { "vulnerability": "VCID-yn6z-9v7k-x7br" }, { "vulnerability": "VCID-zrz3-3dnf-tbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/52367?format=api", "purl": "pkg:composer/typo3/cms@7.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-5hm4-ms5p-uuae" }, { "vulnerability": "VCID-8jcy-3kje-fqeh" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-abjx-8v46-d7d8" }, { "vulnerability": "VCID-ansr-8m5j-pya6" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-e82x-2cdb-7fgn" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fdnw-2tz5-4fdr" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-n18b-qe5x-z7cj" }, { "vulnerability": "VCID-nhjv-nke2-2kf8" }, { "vulnerability": "VCID-njsj-bwjq-fyap" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-u6h1-ccgw-jqds" }, { "vulnerability": "VCID-ub3e-hrb1-wqac" }, { "vulnerability": "VCID-vq15-t92r-5bhx" }, { "vulnerability": "VCID-wms8-dnuz-b3hc" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.4.0" } ], "aliases": [ "GMS-2015-25" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j6x1-dfre-2bdq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55085?format=api", "vulnerability_id": "VCID-zru2-9g25-77dc", "summary": "TYPO3 Frontend vulnerable to Unauthenticated Path Disclosure\nIt has been discovered, that calling a PHP script which is delivered with TYPO3 for testing purposes, discloses the absolute server path to the TYPO3 installation.", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2015-09-08-1.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2015-09-08-1.yaml" }, { "reference_url": "https://github.com/TYPO3/typo3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3" }, { "reference_url": "https://github.com/TYPO3/typo3/commit/ed1e46f89c8e5f699ced245e873d0eff21e5c75e", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/TYPO3/typo3/commit/ed1e46f89c8e5f699ced245e873d0eff21e5c75e" }, { "reference_url": "https://typo3.org/security/advisory/typo3-core-sa-2015-008", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/security/advisory/typo3-core-sa-2015-008" }, { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-008", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-008" }, { "reference_url": "https://github.com/advisories/GHSA-pqfv-97hj-g97g", "reference_id": "GHSA-pqfv-97hj-g97g", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-pqfv-97hj-g97g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52366?format=api", "purl": "pkg:composer/typo3/cms@6.2.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1efr-h9gq-r7h1" }, { "vulnerability": "VCID-2r7u-mc45-8yhe" }, { "vulnerability": "VCID-39jx-muqb-nkfq" }, { "vulnerability": "VCID-5dxs-cdht-27hw" }, { "vulnerability": "VCID-5hm4-ms5p-uuae" }, { "vulnerability": "VCID-727q-h3ey-6yc9" }, { "vulnerability": "VCID-8jcy-3kje-fqeh" }, { "vulnerability": "VCID-8p64-6zpt-t3av" }, { "vulnerability": "VCID-8vum-snng-jfcv" }, { "vulnerability": "VCID-ansr-8m5j-pya6" }, { "vulnerability": "VCID-dd9u-w2y2-87h9" }, { "vulnerability": "VCID-dw8z-wtph-skey" }, { "vulnerability": "VCID-e82x-2cdb-7fgn" }, { "vulnerability": "VCID-ebku-sk43-m7bf" }, { "vulnerability": "VCID-eutz-mj58-audb" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-exjy-5cyn-zfg1" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-g9ns-sxkx-aqh1" }, { "vulnerability": "VCID-h217-xe8x-nua3" }, { "vulnerability": "VCID-h7hf-sf2q-73ay" }, { "vulnerability": "VCID-huxd-2e6q-abak" }, { "vulnerability": "VCID-hzma-cduk-3uhp" }, { "vulnerability": "VCID-jeqr-9tfu-f7b2" }, { "vulnerability": "VCID-kj76-rsr8-yqb3" }, { "vulnerability": "VCID-kqu8-8c1n-73hr" }, { "vulnerability": "VCID-ks1q-a8x2-uqht" }, { "vulnerability": "VCID-m3nc-xbb4-yubr" }, { "vulnerability": "VCID-n18b-qe5x-z7cj" }, { "vulnerability": "VCID-n326-yy8y-xuap" }, { "vulnerability": "VCID-nhjv-nke2-2kf8" }, { "vulnerability": "VCID-nqqc-nkwq-rqhx" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-s97a-nmk8-y3ay" }, { "vulnerability": "VCID-sn8n-mawq-3uht" }, { "vulnerability": "VCID-tgyt-axv1-c7ag" }, { "vulnerability": "VCID-u4tq-8qnk-5fd7" }, { "vulnerability": "VCID-u6h1-ccgw-jqds" }, { "vulnerability": "VCID-ub3e-hrb1-wqac" }, { "vulnerability": "VCID-vq15-t92r-5bhx" }, { "vulnerability": "VCID-wk4s-4bcd-2yb5" }, { "vulnerability": "VCID-wms8-dnuz-b3hc" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-y1ap-y4az-x7ec" }, { "vulnerability": "VCID-yn6z-9v7k-x7br" }, { "vulnerability": "VCID-zrz3-3dnf-tbay" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/52367?format=api", "purl": "pkg:composer/typo3/cms@7.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ugj-6m1e-e3hr" }, { "vulnerability": "VCID-5hm4-ms5p-uuae" }, { "vulnerability": "VCID-8jcy-3kje-fqeh" }, { "vulnerability": "VCID-953t-q1cr-zyd6" }, { "vulnerability": "VCID-abjx-8v46-d7d8" }, { "vulnerability": "VCID-ansr-8m5j-pya6" }, { "vulnerability": "VCID-dsqm-9q3e-dudw" }, { "vulnerability": "VCID-e82x-2cdb-7fgn" }, { "vulnerability": "VCID-ev4k-5k1d-2bhu" }, { "vulnerability": "VCID-fdnw-2tz5-4fdr" }, { "vulnerability": "VCID-fqkx-v8t5-q3h6" }, { "vulnerability": "VCID-hp99-ncuh-6ugv" }, { "vulnerability": "VCID-jp1p-rfxa-hyd9" }, { "vulnerability": "VCID-jq5y-7h9g-mufa" }, { "vulnerability": "VCID-n18b-qe5x-z7cj" }, { "vulnerability": "VCID-nhjv-nke2-2kf8" }, { "vulnerability": "VCID-njsj-bwjq-fyap" }, { "vulnerability": "VCID-p7gd-anw2-1qbz" }, { "vulnerability": "VCID-u6h1-ccgw-jqds" }, { "vulnerability": "VCID-ub3e-hrb1-wqac" }, { "vulnerability": "VCID-vq15-t92r-5bhx" }, { "vulnerability": "VCID-wms8-dnuz-b3hc" }, { "vulnerability": "VCID-xw1s-93bu-wuh9" }, { "vulnerability": "VCID-yz6t-ge1y-qfgr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.4.0" } ], "aliases": [ "GHSA-pqfv-97hj-g97g" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zru2-9g25-77dc" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.4.0" }