VulnerableCode Package Details - pkg:composer/typo3/cms-backend@9.5.25

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-t3jn-vwbx-u7cr	Cross-Site Scripting in Content Preview (CType menu) ### Problem It has been discovered that content elements of type _menu_ are vulnerable to cross-site scripting when their referenced items get previewed in the page module. A valid backend user account is needed to exploit this vulnerability. ### Solution Update to TYPO3 versions 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 that fix the problem described. ### Credits Thanks to TYPO3 contributor Oliver Bartsch who reported and fixed the issue. ### References * [TYPO3-CORE-SA-2021-008](https://typo3.org/security/advisory/typo3-core-sa-2021-008)	CVE-2021-21370 GHSA-x7hc-x7fm-f7qh

Vulnerability

Summary

Aliases

VCID-t3jn-vwbx-u7cr

Cross-Site Scripting in Content Preview (CType menu) ### Problem It has been discovered that content elements of type _menu_ are vulnerable to cross-site scripting when their referenced items get previewed in the page module. A valid backend user account is needed to exploit this vulnerability. ### Solution Update to TYPO3 versions 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 that fix the problem described. ### Credits Thanks to TYPO3 contributor Oliver Bartsch who reported and fixed the issue. ### References * [TYPO3-CORE-SA-2021-008](https://typo3.org/security/advisory/typo3-core-sa-2021-008)

CVE-2021-21370
GHSA-x7hc-x7fm-f7qh

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T21:19:27.360784+00:00	GitLab Importer	Fixing	VCID-t3jn-vwbx-u7cr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms-backend/CVE-2021-21370.yml	38.4.0
2026-04-11T22:31:45.871043+00:00	GitLab Importer	Fixing	VCID-t3jn-vwbx-u7cr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms-backend/CVE-2021-21370.yml	38.3.0
2026-04-02T22:43:06.171153+00:00	GitLab Importer	Fixing	VCID-t3jn-vwbx-u7cr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms-backend/CVE-2021-21370.yml	38.1.0
2026-04-02T16:56:18.723940+00:00	GHSA Importer	Fixing	VCID-t3jn-vwbx-u7cr	https://github.com/advisories/GHSA-x7hc-x7fm-f7qh	38.1.0
2026-04-01T17:00:49.116928+00:00	GitLab Importer	Fixing	VCID-t3jn-vwbx-u7cr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms-backend/CVE-2021-21370.yml	38.0.0
2026-04-01T13:01:58.396778+00:00	GithubOSV Importer	Fixing	VCID-t3jn-vwbx-u7cr	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/03/GHSA-x7hc-x7fm-f7qh/GHSA-x7hc-x7fm-f7qh.json	38.0.0