Search for packages
| purl | pkg:composer/typo3/cms@6.1.8 |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-9j2h-q1n5-kbgt
Aliases: CVE-2014-3943 GHSA-qqh2-h6gw-6x8x |
Typo3 XSS Vulnerabilities Multiple cross-site scripting (XSS) vulnerabilities in unspecified backend components in TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allow remote authenticated editors to inject arbitrary web script or HTML via unknown parameters. |
Affected by 0 other vulnerabilities. Affected by 104 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-d79s-4kzk-hugy
Aliases: CVE-2014-3941 GHSA-594h-cx6w-p4jf |
Typo3 Host Header Spoofing Vulnerability TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allows remote attackers to have unspecified impact via a crafted HTTP Host header, related to "Host Spoofing." |
Affected by 0 other vulnerabilities. Affected by 104 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-04T14:31:03.054461+00:00 | GHSA Importer | Affected by | VCID-d79s-4kzk-hugy | https://github.com/advisories/GHSA-594h-cx6w-p4jf | 38.1.0 |
| 2026-04-04T14:31:02.949674+00:00 | GHSA Importer | Affected by | VCID-9j2h-q1n5-kbgt | https://github.com/advisories/GHSA-qqh2-h6gw-6x8x | 38.1.0 |