Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:composer/typo3/cms-core@8.7.41
purl pkg:composer/typo3/cms-core@8.7.41
Tags Ghost
Next non-vulnerable version 12.4.41
Latest non-vulnerable version 14.0.2
Risk 3.1
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-y32z-2d3f-gkgw
Aliases:
CVE-2021-32768
GHSA-c5c9-8c6m-727v
Cross-site Scripting TYPO3 is vulnerable to cross-site scripting. Corresponding rendering instructions via TypoScript functionality HTMLparser does not consider all potentially malicious HTML tag & attribute combinations per default. In default scenarios, a valid backend user account is needed to exploit this vulnerability. In case custom plugins used in the website frontend accept and reflect rich-text content submitted by users, no authentication is required.
8.7.42
Affected by 0 other vulnerabilities.
9.5.29
Affected by 27 other vulnerabilities.
10.4.19
Affected by 33 other vulnerabilities.
11.3.2
Affected by 35 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-02T16:57:35.474796+00:00 GHSA Importer Fixing VCID-n15v-ta9h-6ffb https://github.com/advisories/GHSA-34fr-fhqr-7235 38.1.0
2026-04-02T16:57:34.937833+00:00 GHSA Importer Fixing VCID-ekfd-wp8z-d7e1 https://github.com/advisories/GHSA-rgcg-28xm-8mmw 38.1.0
2026-04-02T16:57:34.906377+00:00 GHSA Importer Fixing VCID-s64f-x81f-b7ce https://github.com/advisories/GHSA-6mh3-j5r5-2379 38.1.0
2026-04-01T13:02:16.331356+00:00 GithubOSV Importer Fixing VCID-s64f-x81f-b7ce https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/07/GHSA-6mh3-j5r5-2379/GHSA-6mh3-j5r5-2379.json 38.0.0
2026-04-01T13:02:15.526964+00:00 GithubOSV Importer Fixing VCID-ekfd-wp8z-d7e1 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/07/GHSA-rgcg-28xm-8mmw/GHSA-rgcg-28xm-8mmw.json 38.0.0
2026-04-01T13:02:14.440499+00:00 GithubOSV Importer Fixing VCID-n15v-ta9h-6ffb https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/07/GHSA-34fr-fhqr-7235/GHSA-34fr-fhqr-7235.json 38.0.0
2026-04-01T12:48:38.977772+00:00 GitLab Importer Affected by VCID-y32z-2d3f-gkgw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms-core/CVE-2021-32768.yml 38.0.0