Lookup for vulnerable packages by Package URL.

Purl pkg:composer/typo3/cms@6.1.0
Type composer
Namespace typo3
Name cms
Version 6.1.0
Qualifiers
Subpath
Is_vulnerable true
Next_non_vulnerable_version 9.5.25
Latest_non_vulnerable_version 12.2.0
Affected_by_vulnerabilities
0
url VCID-2f2m-tcjn-fyby
vulnerability_id VCID-2f2m-tcjn-fyby
summary
Typo3 Vulnerable to Cache Poisoning
**Problem Description:** A request URL with arbitrary arguments, but still pointing to the home page of a TYPO3 installation can be cached if the configuration option `config.prefixLocalAnchors` is used with the values "all" or "cached". The impact of this vulnerability is that unfamiliar looking links to the home page can end up in the cache, which leads to a reload of the page in the browser when section links are followed by web page visitors, instead of just directly jumping to the requested section of the page. TYPO3 versions 4.6.x and higher are only affected if the homepage is not a shortcut to a different page.

**Solution:** Remove the configuration option `config.prefixLocalAnchors` (and optionally also `config.baseUrl`) in favor of `config.absRefPrefix`.

**Credits:** Thanks to Gernot Leitgab who discovered and reported the vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-9509
reference_id
reference_type
scores
0
value 0.00633
scoring_system epss
scoring_elements 0.70755
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-9509
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-9509
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-9509
2
reference_url http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003
3
reference_url http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/
reference_id
reference_type
scores
url http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/
4
reference_url https://github.com/advisories/GHSA-5479-gqqr-f9gj
reference_id GHSA-5479-gqqr-f9gj
reference_type
scores
url https://github.com/advisories/GHSA-5479-gqqr-f9gj
fixed_packages
0
url pkg:composer/typo3/cms@6.1.13
purl pkg:composer/typo3/cms@6.1.13
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.13
1
url pkg:composer/typo3/cms@6.2.9
purl pkg:composer/typo3/cms@6.2.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1efr-h9gq-r7h1
1
vulnerability VCID-1u4r-r97q-3yfk
2
vulnerability VCID-2r7u-mc45-8yhe
3
vulnerability VCID-39jx-muqb-nkfq
4
vulnerability VCID-5dxs-cdht-27hw
5
vulnerability VCID-5hm4-ms5p-uuae
6
vulnerability VCID-727q-h3ey-6yc9
7
vulnerability VCID-7n9x-c9gs-9yb3
8
vulnerability VCID-8jcy-3kje-fqeh
9
vulnerability VCID-8p64-6zpt-t3av
10
vulnerability VCID-8vum-snng-jfcv
11
vulnerability VCID-ansr-8m5j-pya6
12
vulnerability VCID-c57c-akce-xufq
13
vulnerability VCID-dd9u-w2y2-87h9
14
vulnerability VCID-dw8z-wtph-skey
15
vulnerability VCID-dwjk-7sqh-hqa8
16
vulnerability VCID-e1gr-txgg-fqa6
17
vulnerability VCID-e82x-2cdb-7fgn
18
vulnerability VCID-ebku-sk43-m7bf
19
vulnerability VCID-ec17-eauu-67d3
20
vulnerability VCID-eutz-mj58-audb
21
vulnerability VCID-ev4k-5k1d-2bhu
22
vulnerability VCID-exjy-5cyn-zfg1
23
vulnerability VCID-fqkx-v8t5-q3h6
24
vulnerability VCID-g9ns-sxkx-aqh1
25
vulnerability VCID-h217-xe8x-nua3
26
vulnerability VCID-h7hf-sf2q-73ay
27
vulnerability VCID-huxd-2e6q-abak
28
vulnerability VCID-hzma-cduk-3uhp
29
vulnerability VCID-j6x1-dfre-2bdq
30
vulnerability VCID-jeqr-9tfu-f7b2
31
vulnerability VCID-kj76-rsr8-yqb3
32
vulnerability VCID-kqu8-8c1n-73hr
33
vulnerability VCID-ks1q-a8x2-uqht
34
vulnerability VCID-m3nc-xbb4-yubr
35
vulnerability VCID-n18b-qe5x-z7cj
36
vulnerability VCID-n326-yy8y-xuap
37
vulnerability VCID-nhjv-nke2-2kf8
38
vulnerability VCID-nqqc-nkwq-rqhx
39
vulnerability VCID-p7gd-anw2-1qbz
40
vulnerability VCID-q5f3-nhjn-hyb4
41
vulnerability VCID-rae3-cugy-hbh5
42
vulnerability VCID-s97a-nmk8-y3ay
43
vulnerability VCID-sn8n-mawq-3uht
44
vulnerability VCID-tgyt-axv1-c7ag
45
vulnerability VCID-u4tq-8qnk-5fd7
46
vulnerability VCID-u6h1-ccgw-jqds
47
vulnerability VCID-ub3e-hrb1-wqac
48
vulnerability VCID-vq15-t92r-5bhx
49
vulnerability VCID-wk4s-4bcd-2yb5
50
vulnerability VCID-wms8-dnuz-b3hc
51
vulnerability VCID-xw1s-93bu-wuh9
52
vulnerability VCID-y1ap-y4az-x7ec
53
vulnerability VCID-yn6z-9v7k-x7br
54
vulnerability VCID-zrz3-3dnf-tbay
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.9
2
url pkg:composer/typo3/cms@7.0.2
purl pkg:composer/typo3/cms@7.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1u4r-r97q-3yfk
1
vulnerability VCID-3ugj-6m1e-e3hr
2
vulnerability VCID-5hm4-ms5p-uuae
3
vulnerability VCID-7n9x-c9gs-9yb3
4
vulnerability VCID-8jcy-3kje-fqeh
5
vulnerability VCID-953t-q1cr-zyd6
6
vulnerability VCID-abjx-8v46-d7d8
7
vulnerability VCID-ansr-8m5j-pya6
8
vulnerability VCID-c57c-akce-xufq
9
vulnerability VCID-dsqm-9q3e-dudw
10
vulnerability VCID-dwjk-7sqh-hqa8
11
vulnerability VCID-e1gr-txgg-fqa6
12
vulnerability VCID-e82x-2cdb-7fgn
13
vulnerability VCID-ec17-eauu-67d3
14
vulnerability VCID-ev4k-5k1d-2bhu
15
vulnerability VCID-fdnw-2tz5-4fdr
16
vulnerability VCID-fqkx-v8t5-q3h6
17
vulnerability VCID-hp99-ncuh-6ugv
18
vulnerability VCID-j6x1-dfre-2bdq
19
vulnerability VCID-jp1p-rfxa-hyd9
20
vulnerability VCID-jq5y-7h9g-mufa
21
vulnerability VCID-n18b-qe5x-z7cj
22
vulnerability VCID-nhjv-nke2-2kf8
23
vulnerability VCID-njsj-bwjq-fyap
24
vulnerability VCID-nqqc-nkwq-rqhx
25
vulnerability VCID-p7gd-anw2-1qbz
26
vulnerability VCID-q5f3-nhjn-hyb4
27
vulnerability VCID-rae3-cugy-hbh5
28
vulnerability VCID-u6h1-ccgw-jqds
29
vulnerability VCID-ub3e-hrb1-wqac
30
vulnerability VCID-vq15-t92r-5bhx
31
vulnerability VCID-wms8-dnuz-b3hc
32
vulnerability VCID-xw1s-93bu-wuh9
33
vulnerability VCID-yz6t-ge1y-qfgr
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.0.2
aliases CVE-2014-9509, GHSA-5479-gqqr-f9gj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2f2m-tcjn-fyby
1
url VCID-88un-etsg-2qas
vulnerability_id VCID-88un-etsg-2qas
summary
ExtJS JavaScript framework used in TYPO3 vulnerable to Cross-site Scripting
Because it fails to properly validate the HTTP Host header, TYPO3 CMS is susceptible to host spoofing. TYPO3 uses the HTTP Host header to generate absolute URLs in several places, such as 404 handling, http(s) enforcement, password reset links and many more. Since the Host header itself is provided by the client, it can be forged to any value, even in a name-based virtual host environment. A blog post describes this problem in great detail.
references
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2014-05-22-1.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2014-05-22-1.yaml
1
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
2
reference_url https://github.com/TYPO3/typo3/commit/32efb1b03573d51391126c90cd87c74b3dc457fb
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/32efb1b03573d51391126c90cd87c74b3dc457fb
3
reference_url https://github.com/TYPO3/typo3/commit/9bd777649e4022c89dbf39ca41988a594b5e94b8
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/9bd777649e4022c89dbf39ca41988a594b5e94b8
4
reference_url https://github.com/TYPO3/typo3/commit/c39bca9613c311dd12e61771dd311b1bb2283b8d
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/c39bca9613c311dd12e61771dd311b1bb2283b8d
5
reference_url https://github.com/TYPO3/typo3/commit/d554ac5323f3b0fac1fce4c2c491d0123badd669
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/d554ac5323f3b0fac1fce4c2c491d0123badd669
6
reference_url https://typo3.org/security/advisory/typo3-core-sa-2014-001
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2014-001
7
reference_url https://web.archive.org/web/20140531042943/http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20140531042943/http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001
8
reference_url https://github.com/advisories/GHSA-mxjf-hc9v-xgv2
reference_id GHSA-mxjf-hc9v-xgv2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mxjf-hc9v-xgv2
fixed_packages
0
url pkg:composer/typo3/cms@6.1.9
purl pkg:composer/typo3/cms@6.1.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.9
1
url pkg:composer/typo3/cms@6.2.3
purl pkg:composer/typo3/cms@6.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1efr-h9gq-r7h1
1
vulnerability VCID-1u4r-r97q-3yfk
2
vulnerability VCID-2r7u-mc45-8yhe
3
vulnerability VCID-39jx-muqb-nkfq
4
vulnerability VCID-3ump-aca5-g7b6
5
vulnerability VCID-5dxs-cdht-27hw
6
vulnerability VCID-5hm4-ms5p-uuae
7
vulnerability VCID-6u6t-uy5y-5fd6
8
vulnerability VCID-727q-h3ey-6yc9
9
vulnerability VCID-7n9x-c9gs-9yb3
10
vulnerability VCID-8jcy-3kje-fqeh
11
vulnerability VCID-8p64-6zpt-t3av
12
vulnerability VCID-8vum-snng-jfcv
13
vulnerability VCID-ansr-8m5j-pya6
14
vulnerability VCID-c57c-akce-xufq
15
vulnerability VCID-dd9u-w2y2-87h9
16
vulnerability VCID-dw8z-wtph-skey
17
vulnerability VCID-dwjk-7sqh-hqa8
18
vulnerability VCID-e1gr-txgg-fqa6
19
vulnerability VCID-e82x-2cdb-7fgn
20
vulnerability VCID-ebku-sk43-m7bf
21
vulnerability VCID-ec17-eauu-67d3
22
vulnerability VCID-eutz-mj58-audb
23
vulnerability VCID-ev4k-5k1d-2bhu
24
vulnerability VCID-exjy-5cyn-zfg1
25
vulnerability VCID-fqkx-v8t5-q3h6
26
vulnerability VCID-g9ns-sxkx-aqh1
27
vulnerability VCID-h217-xe8x-nua3
28
vulnerability VCID-h7hf-sf2q-73ay
29
vulnerability VCID-huxd-2e6q-abak
30
vulnerability VCID-hzma-cduk-3uhp
31
vulnerability VCID-j6x1-dfre-2bdq
32
vulnerability VCID-jeqr-9tfu-f7b2
33
vulnerability VCID-jx9x-wxwq-5khx
34
vulnerability VCID-kj76-rsr8-yqb3
35
vulnerability VCID-kqu8-8c1n-73hr
36
vulnerability VCID-ks1q-a8x2-uqht
37
vulnerability VCID-m3nc-xbb4-yubr
38
vulnerability VCID-n18b-qe5x-z7cj
39
vulnerability VCID-n326-yy8y-xuap
40
vulnerability VCID-nhjv-nke2-2kf8
41
vulnerability VCID-nqqc-nkwq-rqhx
42
vulnerability VCID-p7gd-anw2-1qbz
43
vulnerability VCID-q5f3-nhjn-hyb4
44
vulnerability VCID-rae3-cugy-hbh5
45
vulnerability VCID-s97a-nmk8-y3ay
46
vulnerability VCID-sn8n-mawq-3uht
47
vulnerability VCID-tgyt-axv1-c7ag
48
vulnerability VCID-u4tq-8qnk-5fd7
49
vulnerability VCID-u6h1-ccgw-jqds
50
vulnerability VCID-ub3e-hrb1-wqac
51
vulnerability VCID-vq15-t92r-5bhx
52
vulnerability VCID-wk4s-4bcd-2yb5
53
vulnerability VCID-wms8-dnuz-b3hc
54
vulnerability VCID-xw1s-93bu-wuh9
55
vulnerability VCID-y1ap-y4az-x7ec
56
vulnerability VCID-yn6z-9v7k-x7br
57
vulnerability VCID-zpxz-291y-x3c7
58
vulnerability VCID-zrz3-3dnf-tbay
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.3
aliases GHSA-mxjf-hc9v-xgv2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-88un-etsg-2qas
2
url VCID-a1kt-str6-rqec
vulnerability_id VCID-a1kt-str6-rqec
summary
TYPO3 Arbitrary Shell Execution in Swiftmailer library
The swiftmailer library in use allows execution of arbitrary shell commands if the "From" header comes from a non-trusted source and no "Return-Path" is configured. Affected are only TYPO3 installations where the configuration option
```
$GLOBALS['TYPO3_CONF_VARS']['MAIL']['transport']
```
is set to "sendmail". Installations with the default configuration are not affected.
references
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2014-10-22-2.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2014-10-22-2.yaml
1
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
2
reference_url https://github.com/TYPO3/typo3/commit/313c4bba53dd78803a9ee97c1f6f1d450a521521
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/313c4bba53dd78803a9ee97c1f6f1d450a521521
3
reference_url https://github.com/TYPO3/typo3/commit/6af37574e063929eaab066dd9920b1fa8815da12
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/6af37574e063929eaab066dd9920b1fa8815da12
4
reference_url https://github.com/TYPO3/typo3/commit/dbdd9f22b7cebf43f2e4abdb2a6a8a9f32af8f61
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/dbdd9f22b7cebf43f2e4abdb2a6a8a9f32af8f61
5
reference_url https://github.com/TYPO3/typo3/commit/ead183c5acf25b7e1121adee5a5860bd9b5f05a2
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/ead183c5acf25b7e1121adee5a5860bd9b5f05a2
6
reference_url https://typo3.org/security/advisory/typo3-core-sa-2014-002
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2014-002
7
reference_url https://github.com/advisories/GHSA-45xg-4w5x-j429
reference_id GHSA-45xg-4w5x-j429
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-45xg-4w5x-j429
fixed_packages
0
url pkg:composer/typo3/cms@6.1.12
purl pkg:composer/typo3/cms@6.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2f2m-tcjn-fyby
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.12
1
url pkg:composer/typo3/cms@6.2.6
purl pkg:composer/typo3/cms@6.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1efr-h9gq-r7h1
1
vulnerability VCID-1u4r-r97q-3yfk
2
vulnerability VCID-2r7u-mc45-8yhe
3
vulnerability VCID-39jx-muqb-nkfq
4
vulnerability VCID-5dxs-cdht-27hw
5
vulnerability VCID-5hm4-ms5p-uuae
6
vulnerability VCID-6u6t-uy5y-5fd6
7
vulnerability VCID-727q-h3ey-6yc9
8
vulnerability VCID-7n9x-c9gs-9yb3
9
vulnerability VCID-8jcy-3kje-fqeh
10
vulnerability VCID-8p64-6zpt-t3av
11
vulnerability VCID-8vum-snng-jfcv
12
vulnerability VCID-ansr-8m5j-pya6
13
vulnerability VCID-c57c-akce-xufq
14
vulnerability VCID-dd9u-w2y2-87h9
15
vulnerability VCID-dw8z-wtph-skey
16
vulnerability VCID-dwjk-7sqh-hqa8
17
vulnerability VCID-e1gr-txgg-fqa6
18
vulnerability VCID-e82x-2cdb-7fgn
19
vulnerability VCID-ebku-sk43-m7bf
20
vulnerability VCID-ec17-eauu-67d3
21
vulnerability VCID-eutz-mj58-audb
22
vulnerability VCID-ev4k-5k1d-2bhu
23
vulnerability VCID-exjy-5cyn-zfg1
24
vulnerability VCID-fqkx-v8t5-q3h6
25
vulnerability VCID-g9ns-sxkx-aqh1
26
vulnerability VCID-h217-xe8x-nua3
27
vulnerability VCID-h7hf-sf2q-73ay
28
vulnerability VCID-huxd-2e6q-abak
29
vulnerability VCID-hzma-cduk-3uhp
30
vulnerability VCID-j6x1-dfre-2bdq
31
vulnerability VCID-jeqr-9tfu-f7b2
32
vulnerability VCID-jx9x-wxwq-5khx
33
vulnerability VCID-kj76-rsr8-yqb3
34
vulnerability VCID-kqu8-8c1n-73hr
35
vulnerability VCID-ks1q-a8x2-uqht
36
vulnerability VCID-m3nc-xbb4-yubr
37
vulnerability VCID-n18b-qe5x-z7cj
38
vulnerability VCID-n326-yy8y-xuap
39
vulnerability VCID-nhjv-nke2-2kf8
40
vulnerability VCID-nqqc-nkwq-rqhx
41
vulnerability VCID-p7gd-anw2-1qbz
42
vulnerability VCID-q5f3-nhjn-hyb4
43
vulnerability VCID-rae3-cugy-hbh5
44
vulnerability VCID-s97a-nmk8-y3ay
45
vulnerability VCID-sn8n-mawq-3uht
46
vulnerability VCID-tgyt-axv1-c7ag
47
vulnerability VCID-u4tq-8qnk-5fd7
48
vulnerability VCID-u6h1-ccgw-jqds
49
vulnerability VCID-ub3e-hrb1-wqac
50
vulnerability VCID-vq15-t92r-5bhx
51
vulnerability VCID-wk4s-4bcd-2yb5
52
vulnerability VCID-wms8-dnuz-b3hc
53
vulnerability VCID-xw1s-93bu-wuh9
54
vulnerability VCID-y1ap-y4az-x7ec
55
vulnerability VCID-yn6z-9v7k-x7br
56
vulnerability VCID-zrz3-3dnf-tbay
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.6
aliases GHSA-45xg-4w5x-j429
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a1kt-str6-rqec
3
url VCID-fmx7-p3ap-xfgh
vulnerability_id VCID-fmx7-p3ap-xfgh
summary
TYPO3 doesn't properly check file extensions
The (1) file upload component and (2) File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.8 and 6.1.x before 6.1.3 do not properly check file extensions, which allows remote authenticated editors to execute arbitrary PHP code by uploading a .php file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4250
reference_id
reference_type
scores
0
value 0.00391
scoring_system epss
scoring_elements 0.60458
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4250
1
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4250
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4250
3
reference_url https://typo3.org/security/advisory/typo3-core-sa-2013-002
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2013-002
4
reference_url https://github.com/advisories/GHSA-54jj-pxx2-pv8h
reference_id GHSA-54jj-pxx2-pv8h
reference_type
scores
url https://github.com/advisories/GHSA-54jj-pxx2-pv8h
fixed_packages
0
url pkg:composer/typo3/cms@6.1.3
purl pkg:composer/typo3/cms@6.1.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.3
aliases CVE-2013-4250, GHSA-54jj-pxx2-pv8h
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fmx7-p3ap-xfgh
4
url VCID-j4zg-ekjr-jycg
vulnerability_id VCID-j4zg-ekjr-jycg
summary
TYPO3 Cross-Site Scripting (XSS) vulnerabilities in Content Editing Wizards component
Multiple cross-site scripting (XSS) vulnerabilities in Content Editing Wizards in TYPO3 4.5.x before 4.5.32, 4.7.x before 4.7.17, 6.0.x before 6.0.12, 6.1.x before 6.1.7, and the development versions of 6.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters.
references
0
reference_url http://osvdb.org/100881
reference_id
reference_type
scores
0
value 3.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url http://osvdb.org/100881
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-7074
reference_id
reference_type
scores
0
value 0.00335
scoring_system epss
scoring_elements 0.56593
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-7074
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7073
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7074
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7074
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7075
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7075
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7076
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7076
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7078
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7078
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7079
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7080
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7080
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7081
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7081
10
reference_url http://seclists.org/oss-sec/2013/q4/473
reference_id
reference_type
scores
0
value 3.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q4/473
11
reference_url http://seclists.org/oss-sec/2013/q4/487
reference_id
reference_type
scores
0
value 3.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q4/487
12
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/89620
reference_id
reference_type
scores
0
value 3.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/89620
13
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value 3.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-7074
reference_id
reference_type
scores
0
value 3.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-7074
15
reference_url http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004
reference_id
reference_type
scores
0
value 3.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004
16
reference_url http://www.debian.org/security/2014/dsa-2834
reference_id
reference_type
scores
0
value 3.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2014/dsa-2834
17
reference_url http://www.securityfocus.com/bid/64245
reference_id
reference_type
scores
0
value 3.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/64245
18
reference_url https://github.com/advisories/GHSA-r8m7-792j-5jvq
reference_id GHSA-r8m7-792j-5jvq
reference_type
scores
url https://github.com/advisories/GHSA-r8m7-792j-5jvq
fixed_packages
0
url pkg:composer/typo3/cms@6.1.7
purl pkg:composer/typo3/cms@6.1.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.7
aliases CVE-2013-7074, GHSA-r8m7-792j-5jvq
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j4zg-ekjr-jycg
5
url VCID-jppr-qkg2-ebc9
vulnerability_id VCID-jppr-qkg2-ebc9
summary
TYPO3 vulnerable to Insecure Unserialize via Content Editing Wizards component
The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated backend users to unserialize arbitrary PHP objects, delete arbitrary files, and possibly have other unspecified impacts via an unspecified parameter, related to a "missing signature."
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-7075
reference_id
reference_type
scores
0
value 0.00408
scoring_system epss
scoring_elements 0.61507
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-7075
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7073
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7074
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7074
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7075
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7075
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7076
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7076
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7078
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7078
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7079
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7080
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7080
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7081
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7081
9
reference_url http://seclists.org/oss-sec/2013/q4/473
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q4/473
10
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-7075
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-7075
12
reference_url http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004
13
reference_url http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/
reference_id
reference_type
scores
url http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/
14
reference_url http://www.debian.org/security/2014/dsa-2834
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2014/dsa-2834
15
reference_url https://github.com/advisories/GHSA-47ww-mq32-g4xw
reference_id GHSA-47ww-mq32-g4xw
reference_type
scores
url https://github.com/advisories/GHSA-47ww-mq32-g4xw
fixed_packages
0
url pkg:composer/typo3/cms@6.1.7
purl pkg:composer/typo3/cms@6.1.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.7
aliases CVE-2013-7075, GHSA-47ww-mq32-g4xw
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jppr-qkg2-ebc9
6
url VCID-nx7p-v66a-vfg1
vulnerability_id VCID-nx7p-v66a-vfg1
summary
TYPO3 vulnerable to Information Disclosure via Content Editing Wizards component
The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 does not check permissions, which allows remote authenticated editors to read arbitrary TYPO3 table columns via unspecified parameters.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00028.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00028.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2016-08/msg00083.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-08/msg00083.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2016-08/msg00106.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-08/msg00106.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-7073
reference_id
reference_type
scores
0
value 0.00275
scoring_system epss
scoring_elements 0.5114
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-7073
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7073
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7074
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7074
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7075
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7075
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7076
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7076
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7078
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7078
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7079
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7080
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7080
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7081
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7081
12
reference_url http://seclists.org/oss-sec/2013/q4/473
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q4/473
13
reference_url http://seclists.org/oss-sec/2013/q4/487
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q4/487
14
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
15
reference_url http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004
16
reference_url http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/
reference_id
reference_type
scores
url http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/
17
reference_url http://www.debian.org/security/2014/dsa-2834
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2014/dsa-2834
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-7073
reference_id CVE-2013-7073
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-7073
19
reference_url https://github.com/advisories/GHSA-4rpv-g4gq-rh4m
reference_id GHSA-4rpv-g4gq-rh4m
reference_type
scores
url https://github.com/advisories/GHSA-4rpv-g4gq-rh4m
fixed_packages
0
url pkg:composer/typo3/cms@6.1.7
purl pkg:composer/typo3/cms@6.1.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.7
aliases CVE-2013-7073, GHSA-4rpv-g4gq-rh4m
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nx7p-v66a-vfg1
7
url VCID-wasp-gawc-cbca
vulnerability_id VCID-wasp-gawc-cbca
summary
TYPO3 Color Picker Wizard component allows remote authenticated editors to execute arbitrary PHP code
The Color Picker Wizard component in TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, and 6.1.0 before 6.1.9 allows remote authenticated editors to execute arbitrary PHP code via a serialized PHP object.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2014-06/msg00037.html
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-06/msg00037.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3942
reference_id
reference_type
scores
0
value 0.00442
scoring_system epss
scoring_elements 0.63594
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3942
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3941
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3941
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3942
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3942
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3943
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3943
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3944
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3944
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3945
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3945
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3946
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3946
8
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
9
reference_url https://typo3.org/security/advisory/typo3-core-sa-2014-001
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2014-001
10
reference_url http://www.debian.org/security/2014/dsa-2942
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2014/dsa-2942
11
reference_url http://www.openwall.com/lists/oss-security/2014/06/03/2
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/06/03/2
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3942
reference_id CVE-2014-3942
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3942
13
reference_url https://github.com/advisories/GHSA-55g3-fjwm-w2c8
reference_id GHSA-55g3-fjwm-w2c8
reference_type
scores
url https://github.com/advisories/GHSA-55g3-fjwm-w2c8
fixed_packages
0
url pkg:composer/typo3/cms@6.1.9
purl pkg:composer/typo3/cms@6.1.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.9
aliases CVE-2014-3942, GHSA-55g3-fjwm-w2c8
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wasp-gawc-cbca
8
url VCID-yphc-ujay-7fcs
vulnerability_id VCID-yphc-ujay-7fcs
summary
Typo3 Host Header Spoofing Vulnerability
TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allows remote attackers to have unspecified impact via a crafted HTTP Host header, related to "Host Spoofing."
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00028.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00028.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2014-06/msg00037.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-06/msg00037.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2016-08/msg00083.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-08/msg00083.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3941
reference_id
reference_type
scores
0
value 0.00276
scoring_system epss
scoring_elements 0.51253
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3941
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3941
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3941
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3942
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3942
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3943
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3943
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3944
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3944
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3945
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3945
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3946
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3946
10
reference_url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001
11
reference_url http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001
12
reference_url http://www.debian.org/security/2014/dsa-2942
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2014/dsa-2942
13
reference_url http://www.openwall.com/lists/oss-security/2014/06/03/2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/06/03/2
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3941
reference_id CVE-2014-3941
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3941
15
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2014-3941.yaml
reference_id CVE-2014-3941.YAML
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2014-3941.yaml
16
reference_url https://github.com/advisories/GHSA-594h-cx6w-p4jf
reference_id GHSA-594h-cx6w-p4jf
reference_type
scores
url https://github.com/advisories/GHSA-594h-cx6w-p4jf
fixed_packages
0
url pkg:composer/typo3/cms@6.1.9
purl pkg:composer/typo3/cms@6.1.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.9
1
url pkg:composer/typo3/cms@6.2.3
purl pkg:composer/typo3/cms@6.2.3
is_vulnerable true
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.3
aliases CVE-2014-3941, GHSA-594h-cx6w-p4jf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yphc-ujay-7fcs
9
url VCID-zqe5-53je-mfaw
vulnerability_id VCID-zqe5-53je-mfaw
summary
Typo3 XSS Vulnerabilities
Multiple cross-site scripting (XSS) vulnerabilities in unspecified backend components in TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allow remote authenticated editors to inject arbitrary web script or HTML via unknown parameters.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2014-06/msg00037.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-06/msg00037.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3943
reference_id
reference_type
scores
0
value 0.00208
scoring_system epss
scoring_elements 0.43123
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3943
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3941
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3941
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3942
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3942
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3943
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3943
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3944
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3944
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3945
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3945
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3946
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3946
8
reference_url https://typo3.org/security/advisory/typo3-core-sa-2014-001
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2014-001
9
reference_url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001
10
reference_url https://web.archive.org/web/20200229060129/http://www.securityfocus.com/bid/67625
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200229060129/http://www.securityfocus.com/bid/67625
11
reference_url http://www.debian.org/security/2014/dsa-2942
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2014/dsa-2942
12
reference_url http://www.openwall.com/lists/oss-security/2014/06/03/2
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/06/03/2
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3943
reference_id CVE-2014-3943
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3943
14
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2014-3943.yaml
reference_id CVE-2014-3943.YAML
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2014-3943.yaml
15
reference_url https://github.com/advisories/GHSA-qqh2-h6gw-6x8x
reference_id GHSA-qqh2-h6gw-6x8x
reference_type
scores
url https://github.com/advisories/GHSA-qqh2-h6gw-6x8x
fixed_packages
0
url pkg:composer/typo3/cms@6.1.9
purl pkg:composer/typo3/cms@6.1.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.9
1
url pkg:composer/typo3/cms@6.2.3
purl pkg:composer/typo3/cms@6.2.3
is_vulnerable true
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.3
aliases CVE-2014-3943, GHSA-qqh2-h6gw-6x8x
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zqe5-53je-mfaw
10
url VCID-zsxp-jm33-tfah
vulnerability_id VCID-zsxp-jm33-tfah
summary
TYPO3 vulnerable to remote authenticated arbitrary code execution
The File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.9 and 6.1.x before 6.1.4 allows remote authenticated editors to execute arbitrary PHP code via unspecified characters in the file extension when renaming a file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4250.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4321
reference_id
reference_type
scores
0
value 0.00485
scoring_system epss
scoring_elements 0.65708
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4321
1
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4321
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4321
3
reference_url https://typo3.org/security/advisory/typo3-core-sa-2013-003
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2013-003
4
reference_url https://github.com/advisories/GHSA-m76j-69c2-c3m8
reference_id GHSA-m76j-69c2-c3m8
reference_type
scores
url https://github.com/advisories/GHSA-m76j-69c2-c3m8
fixed_packages
0
url pkg:composer/typo3/cms@6.1.4
purl pkg:composer/typo3/cms@6.1.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.4
aliases CVE-2013-4321, GHSA-m76j-69c2-c3m8
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zsxp-jm33-tfah
Fixing_vulnerabilities
Risk_score 4.0
Resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.0