Search for packages
| purl | pkg:composer/typo3/cms-core@9.5.287 |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-6a9t-8dmn-s3bv
Aliases: CVE-2021-32667 GHSA-8mq9-fqv8-59wf |
Cross-site Scripting TYPO3 contains a cross-site scripting vulnerability. When _Page TSconfig_ settings are not properly encoded, corresponding page preview module (`_Web>View_`) is vulnerable to persistent cross-site scripting. A valid backend user account is needed to exploit this vulnerability. TYPO3 contain a patch for this issue. |
Affected by 34 other vulnerabilities. Affected by 36 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T12:48:36.120535+00:00 | GitLab Importer | Affected by | VCID-6a9t-8dmn-s3bv | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms-core/CVE-2021-32667.yml | 38.0.0 |