Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/typo3/cms@6.2.30
Typecomposer
Namespacetypo3
Namecms
Version6.2.30
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version10.4.35
Latest_non_vulnerable_version12.2.0
Affected_by_vulnerabilities
0
url VCID-ev4k-5k1d-2bhu
vulnerability_id VCID-ev4k-5k1d-2bhu
summary 
URL Redirection to Untrusted Site (Open Redirect)
Login Handling is susceptible to open redirection which allows attackers redirecting to arbitrary content, and conducting phishing attacks. No authentication is required in order to exploit this vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21338
reference_id
reference_type
scores
0
value 0.00253
scoring_system epss
scoring_elements 0.48843
published_at 2026-06-06T12:55:00Z
1
value 0.00253
scoring_system epss
scoring_elements 0.48835
published_at 2026-06-05T12:55:00Z
2
value 0.00253
scoring_system epss
scoring_elements 0.48774
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21338
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21338.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21338.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21338.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21338.yaml
3
reference_url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-4jhw-2p6j-5wmp
4
reference_url https://packagist.org/packages/typo3/cms-core
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://packagist.org/packages/typo3/cms-core
5
reference_url https://typo3.org/security/advisory/typo3-core-sa-2021-001
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2021-001
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-21338
reference_id CVE-2021-21338
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-21338
fixed_packages
0
url pkg:composer/typo3/cms@6.2.57
purl pkg:composer/typo3/cms@6.2.57
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.57
1
url pkg:composer/typo3/cms@7.6.51
purl pkg:composer/typo3/cms@7.6.51
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.51
2
url pkg:composer/typo3/cms@8.7.40
purl pkg:composer/typo3/cms@8.7.40
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j8hk-bqnb-gycp
1
vulnerability VCID-sdjb-gp4t-vbgt
2
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.40
3
url pkg:composer/typo3/cms@9.5.25
purl pkg:composer/typo3/cms@9.5.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sw-6x9k-vued
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-2rmv-a83x-9ka8
3
vulnerability VCID-6a22-c7x5-sqe2
4
vulnerability VCID-a1g9-pyz5-9fca
5
vulnerability VCID-hsw8-nbs6-auaa
6
vulnerability VCID-j8hk-bqnb-gycp
7
vulnerability VCID-sdjb-gp4t-vbgt
8
vulnerability VCID-tzpj-j3x1-ekgk
9
vulnerability VCID-un7r-8sah-33cr
10
vulnerability VCID-uq77-aax5-k7d8
11
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.25
4
url pkg:composer/typo3/cms@10.4.14
purl pkg:composer/typo3/cms@10.4.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sw-6x9k-vued
1
vulnerability VCID-13up-fwbr-17am
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-2rmv-a83x-9ka8
4
vulnerability VCID-36cz-khgc-6fft
5
vulnerability VCID-6a22-c7x5-sqe2
6
vulnerability VCID-6hnx-p9hv-jbg2
7
vulnerability VCID-6xgm-uan4-u7fu
8
vulnerability VCID-9c49-n1a2-pubu
9
vulnerability VCID-a1g9-pyz5-9fca
10
vulnerability VCID-e4zc-fmh2-n7b8
11
vulnerability VCID-fyyr-48a7-8qch
12
vulnerability VCID-gbev-1zs8-8bac
13
vulnerability VCID-hsw8-nbs6-auaa
14
vulnerability VCID-j8hk-bqnb-gycp
15
vulnerability VCID-sdjb-gp4t-vbgt
16
vulnerability VCID-tzpj-j3x1-ekgk
17
vulnerability VCID-un7r-8sah-33cr
18
vulnerability VCID-uq77-aax5-k7d8
19
vulnerability VCID-x8qf-w4vq-mfhm
20
vulnerability VCID-x8tq-5na6-gfbj
21
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.14
5
url pkg:composer/typo3/cms@11.1.1
purl pkg:composer/typo3/cms@11.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sw-6x9k-vued
1
vulnerability VCID-13up-fwbr-17am
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-2rmv-a83x-9ka8
4
vulnerability VCID-36cz-khgc-6fft
5
vulnerability VCID-6a22-c7x5-sqe2
6
vulnerability VCID-6hnx-p9hv-jbg2
7
vulnerability VCID-6xgm-uan4-u7fu
8
vulnerability VCID-9c49-n1a2-pubu
9
vulnerability VCID-a1g9-pyz5-9fca
10
vulnerability VCID-e4zc-fmh2-n7b8
11
vulnerability VCID-fsx8-7qjz-2ubw
12
vulnerability VCID-fyyr-48a7-8qch
13
vulnerability VCID-gbev-1zs8-8bac
14
vulnerability VCID-hsw8-nbs6-auaa
15
vulnerability VCID-j8hk-bqnb-gycp
16
vulnerability VCID-sdjb-gp4t-vbgt
17
vulnerability VCID-tzpj-j3x1-ekgk
18
vulnerability VCID-un7r-8sah-33cr
19
vulnerability VCID-uq77-aax5-k7d8
20
vulnerability VCID-x8qf-w4vq-mfhm
21
vulnerability VCID-x8tq-5na6-gfbj
22
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.1.1
aliases CVE-2021-21338, GHSA-4jhw-2p6j-5wmp
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ev4k-5k1d-2bhu
1
url VCID-fqkx-v8t5-q3h6
vulnerability_id VCID-fqkx-v8t5-q3h6
summary 
Cleartext Storage of Sensitive Information
User session identifiers are stored in cleartext - without processing of additional cryptographic hashing algorithms. This vulnerability cannot be exploited directly and occurs in combination with a chained attack - for example SQL injection in any other component of the system.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21339
reference_id
reference_type
scores
0
value 0.00132
scoring_system epss
scoring_elements 0.32264
published_at 2026-06-06T12:55:00Z
1
value 0.00132
scoring_system epss
scoring_elements 0.32296
published_at 2026-06-05T12:55:00Z
2
value 0.00132
scoring_system epss
scoring_elements 0.32224
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21339
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21339.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21339.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21339.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21339.yaml
3
reference_url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch
4
reference_url https://packagist.org/packages/typo3/cms-core
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://packagist.org/packages/typo3/cms-core
5
reference_url https://typo3.org/security/advisory/typo3-core-sa-2021-006
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2021-006
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-21339
reference_id CVE-2021-21339
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-21339
fixed_packages
0
url pkg:composer/typo3/cms@6.2.57
purl pkg:composer/typo3/cms@6.2.57
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.57
1
url pkg:composer/typo3/cms@7.6.51
purl pkg:composer/typo3/cms@7.6.51
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.51
2
url pkg:composer/typo3/cms@8.7.40
purl pkg:composer/typo3/cms@8.7.40
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j8hk-bqnb-gycp
1
vulnerability VCID-sdjb-gp4t-vbgt
2
vulnerability VCID-uq77-aax5-k7d8
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.40
3
url pkg:composer/typo3/cms@9.5.25
purl pkg:composer/typo3/cms@9.5.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sw-6x9k-vued
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-2rmv-a83x-9ka8
3
vulnerability VCID-6a22-c7x5-sqe2
4
vulnerability VCID-a1g9-pyz5-9fca
5
vulnerability VCID-hsw8-nbs6-auaa
6
vulnerability VCID-j8hk-bqnb-gycp
7
vulnerability VCID-sdjb-gp4t-vbgt
8
vulnerability VCID-tzpj-j3x1-ekgk
9
vulnerability VCID-un7r-8sah-33cr
10
vulnerability VCID-uq77-aax5-k7d8
11
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.25
4
url pkg:composer/typo3/cms@10.4.14
purl pkg:composer/typo3/cms@10.4.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sw-6x9k-vued
1
vulnerability VCID-13up-fwbr-17am
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-2rmv-a83x-9ka8
4
vulnerability VCID-36cz-khgc-6fft
5
vulnerability VCID-6a22-c7x5-sqe2
6
vulnerability VCID-6hnx-p9hv-jbg2
7
vulnerability VCID-6xgm-uan4-u7fu
8
vulnerability VCID-9c49-n1a2-pubu
9
vulnerability VCID-a1g9-pyz5-9fca
10
vulnerability VCID-e4zc-fmh2-n7b8
11
vulnerability VCID-fyyr-48a7-8qch
12
vulnerability VCID-gbev-1zs8-8bac
13
vulnerability VCID-hsw8-nbs6-auaa
14
vulnerability VCID-j8hk-bqnb-gycp
15
vulnerability VCID-sdjb-gp4t-vbgt
16
vulnerability VCID-tzpj-j3x1-ekgk
17
vulnerability VCID-un7r-8sah-33cr
18
vulnerability VCID-uq77-aax5-k7d8
19
vulnerability VCID-x8qf-w4vq-mfhm
20
vulnerability VCID-x8tq-5na6-gfbj
21
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.14
5
url pkg:composer/typo3/cms@11.1.1
purl pkg:composer/typo3/cms@11.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sw-6x9k-vued
1
vulnerability VCID-13up-fwbr-17am
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-2rmv-a83x-9ka8
4
vulnerability VCID-36cz-khgc-6fft
5
vulnerability VCID-6a22-c7x5-sqe2
6
vulnerability VCID-6hnx-p9hv-jbg2
7
vulnerability VCID-6xgm-uan4-u7fu
8
vulnerability VCID-9c49-n1a2-pubu
9
vulnerability VCID-a1g9-pyz5-9fca
10
vulnerability VCID-e4zc-fmh2-n7b8
11
vulnerability VCID-fsx8-7qjz-2ubw
12
vulnerability VCID-fyyr-48a7-8qch
13
vulnerability VCID-gbev-1zs8-8bac
14
vulnerability VCID-hsw8-nbs6-auaa
15
vulnerability VCID-j8hk-bqnb-gycp
16
vulnerability VCID-sdjb-gp4t-vbgt
17
vulnerability VCID-tzpj-j3x1-ekgk
18
vulnerability VCID-un7r-8sah-33cr
19
vulnerability VCID-uq77-aax5-k7d8
20
vulnerability VCID-x8qf-w4vq-mfhm
21
vulnerability VCID-x8tq-5na6-gfbj
22
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.1.1
aliases CVE-2021-21339, GHSA-qx3w-4864-94ch
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fqkx-v8t5-q3h6
2
url VCID-nqqc-nkwq-rqhx
vulnerability_id VCID-nqqc-nkwq-rqhx
summary 
Cross-site Scripting
`svg.swf` in TYPO3 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system. This may be at a `contrib/websvg/svg.swf` pathname.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-8091
reference_id
reference_type
scores
0
value 0.20517
scoring_system epss
scoring_elements 0.95671
published_at 2026-06-04T12:55:00Z
1
value 0.20517
scoring_system epss
scoring_elements 0.95681
published_at 2026-06-06T12:55:00Z
2
value 0.20517
scoring_system epss
scoring_elements 0.95677
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-8091
1
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
2
reference_url https://github.com/TYPO3/typo3/blob/4cb53e828bd5138d180cdf9cac1ccf7fd31086d2/typo3/sysext/core/Documentation/Changelog/7.2/Breaking-65962-WebSVGLibraryAndAPIRemoved.rst
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/blob/4cb53e828bd5138d180cdf9cac1ccf7fd31086d2/typo3/sysext/core/Documentation/Changelog/7.2/Breaking-65962-WebSVGLibraryAndAPIRemoved.rst
3
reference_url https://github.com/TYPO3/typo3/commit/482e2e992f80f5e38cb48fcaea40fd9812a5252c
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/482e2e992f80f5e38cb48fcaea40fd9812a5252c
4
reference_url https://typo3.org/security/advisory/typo3-psa-2019-003
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-psa-2019-003
5
reference_url https://www.purplemet.com/blog/typo3-xss-vulnerability
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.purplemet.com/blog/typo3-xss-vulnerability
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-8091
reference_id CVE-2020-8091
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-8091
fixed_packages
0
url pkg:composer/typo3/cms@6.2.39
purl pkg:composer/typo3/cms@6.2.39
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.39
1
url pkg:composer/typo3/cms@7.2.0
purl pkg:composer/typo3/cms@7.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1u4r-r97q-3yfk
1
vulnerability VCID-28fn-ncj5-2ufk
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-2rmv-a83x-9ka8
4
vulnerability VCID-3ugj-6m1e-e3hr
5
vulnerability VCID-5hm4-ms5p-uuae
6
vulnerability VCID-5ru2-1n1f-afa4
7
vulnerability VCID-66kh-c1dm-8fbf
8
vulnerability VCID-7n9x-c9gs-9yb3
9
vulnerability VCID-8jcy-3kje-fqeh
10
vulnerability VCID-953t-q1cr-zyd6
11
vulnerability VCID-9899-uxyb-73gg
12
vulnerability VCID-abjx-8v46-d7d8
13
vulnerability VCID-ansr-8m5j-pya6
14
vulnerability VCID-c57c-akce-xufq
15
vulnerability VCID-cgqm-1wwf-kbg6
16
vulnerability VCID-dsqm-9q3e-dudw
17
vulnerability VCID-dwjk-7sqh-hqa8
18
vulnerability VCID-dyhd-5p1e-fya6
19
vulnerability VCID-e1gr-txgg-fqa6
20
vulnerability VCID-e1ms-4r4s-g7e7
21
vulnerability VCID-e2bk-pfbe-puek
22
vulnerability VCID-e82x-2cdb-7fgn
23
vulnerability VCID-ec17-eauu-67d3
24
vulnerability VCID-ev4k-5k1d-2bhu
25
vulnerability VCID-fdnw-2tz5-4fdr
26
vulnerability VCID-fqkx-v8t5-q3h6
27
vulnerability VCID-gpv4-4tpd-tbaa
28
vulnerability VCID-hm4k-wbq3-r7ej
29
vulnerability VCID-hp99-ncuh-6ugv
30
vulnerability VCID-hsw8-nbs6-auaa
31
vulnerability VCID-hyx9-8ae6-sba8
32
vulnerability VCID-j6x1-dfre-2bdq
33
vulnerability VCID-jp1p-rfxa-hyd9
34
vulnerability VCID-jq5y-7h9g-mufa
35
vulnerability VCID-jwb1-3sbg-kfa5
36
vulnerability VCID-n18b-qe5x-z7cj
37
vulnerability VCID-nhjv-nke2-2kf8
38
vulnerability VCID-njsj-bwjq-fyap
39
vulnerability VCID-p576-w7dd-p3h7
40
vulnerability VCID-p7gd-anw2-1qbz
41
vulnerability VCID-q5f3-nhjn-hyb4
42
vulnerability VCID-qcnh-z4zh-myaw
43
vulnerability VCID-qek9-g3h8-nfdz
44
vulnerability VCID-rae3-cugy-hbh5
45
vulnerability VCID-rs13-zf7b-mka7
46
vulnerability VCID-teby-zvvw-zkhv
47
vulnerability VCID-tzpj-j3x1-ekgk
48
vulnerability VCID-u6h1-ccgw-jqds
49
vulnerability VCID-ub3e-hrb1-wqac
50
vulnerability VCID-uq77-aax5-k7d8
51
vulnerability VCID-vq15-t92r-5bhx
52
vulnerability VCID-w65h-8a9d-ckgj
53
vulnerability VCID-wms8-dnuz-b3hc
54
vulnerability VCID-xvyu-2hb8-8ufh
55
vulnerability VCID-xw1s-93bu-wuh9
56
vulnerability VCID-ys6f-g39p-fkfc
57
vulnerability VCID-yz6t-ge1y-qfgr
58
vulnerability VCID-zru2-9g25-77dc
59
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.2.0
aliases CVE-2020-8091, GHSA-qvhv-pwww-53jj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nqqc-nkwq-rqhx
3
url VCID-p7gd-anw2-1qbz
vulnerability_id VCID-p7gd-anw2-1qbz
summary 
Deserialization of Untrusted Data
It has been discovered that the classes `QueryGenerator` and `QueryView` are vulnerable to insecure deserialization. One exploitable scenario requires having the system extension `ext:lowlevel` (Backend Module `DB Check`) installed, with a valid backend user who has administrator privileges. The other exploitable scenario requires having the system extension `ext:sys_action` installed, with a valid backend user who has limited privileges.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19849
reference_id
reference_type
scores
0
value 0.00746
scoring_system epss
scoring_elements 0.73456
published_at 2026-06-05T12:55:00Z
1
value 0.00746
scoring_system epss
scoring_elements 0.73462
published_at 2026-06-06T12:55:00Z
2
value 0.00746
scoring_system epss
scoring_elements 0.7342
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19849
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-19849.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-19849.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-19849.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-19849.yaml
3
reference_url https://review.typo3.org/q/%2522Resolves:+%252389005%2522+topic:security
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.typo3.org/q/%2522Resolves:+%252389005%2522+topic:security
4
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-026
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2019-026
5
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-026/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-026/
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19849
reference_id CVE-2019-19849
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-19849
7
reference_url https://github.com/advisories/GHSA-rcgc-4xfc-564v
reference_id GHSA-rcgc-4xfc-564v
reference_type
scores
url https://github.com/advisories/GHSA-rcgc-4xfc-564v
fixed_packages
0
url pkg:composer/typo3/cms@8.7.30
purl pkg:composer/typo3/cms@8.7.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sw-6x9k-vued
1
vulnerability VCID-1ffs-9vj5-27hk
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-2rmv-a83x-9ka8
4
vulnerability VCID-6a22-c7x5-sqe2
5
vulnerability VCID-848u-w88s-5bbe
6
vulnerability VCID-ev4k-5k1d-2bhu
7
vulnerability VCID-fqkx-v8t5-q3h6
8
vulnerability VCID-hsw8-nbs6-auaa
9
vulnerability VCID-j8hk-bqnb-gycp
10
vulnerability VCID-jp1p-rfxa-hyd9
11
vulnerability VCID-sdjb-gp4t-vbgt
12
vulnerability VCID-tgyt-axv1-c7ag
13
vulnerability VCID-tzpj-j3x1-ekgk
14
vulnerability VCID-uq77-aax5-k7d8
15
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.30
1
url pkg:composer/typo3/cms@9.5.12
purl pkg:composer/typo3/cms@9.5.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sw-6x9k-vued
1
vulnerability VCID-1ffs-9vj5-27hk
2
vulnerability VCID-1sfk-z8py-ykb8
3
vulnerability VCID-2rhr-8vaz-hqfj
4
vulnerability VCID-2rmv-a83x-9ka8
5
vulnerability VCID-4an7-9ph4-mkd4
6
vulnerability VCID-6a22-c7x5-sqe2
7
vulnerability VCID-6mnf-2fcw-dqgp
8
vulnerability VCID-848u-w88s-5bbe
9
vulnerability VCID-8w4e-d49b-nbg8
10
vulnerability VCID-a1g9-pyz5-9fca
11
vulnerability VCID-bbh5-rss8-bfct
12
vulnerability VCID-bcbd-zzet-mff6
13
vulnerability VCID-e6zr-4bgg-kkh5
14
vulnerability VCID-ev4k-5k1d-2bhu
15
vulnerability VCID-fqkx-v8t5-q3h6
16
vulnerability VCID-hsw8-nbs6-auaa
17
vulnerability VCID-j8hk-bqnb-gycp
18
vulnerability VCID-jp1p-rfxa-hyd9
19
vulnerability VCID-n1gz-y615-cbbk
20
vulnerability VCID-sdjb-gp4t-vbgt
21
vulnerability VCID-tgyt-axv1-c7ag
22
vulnerability VCID-tzpj-j3x1-ekgk
23
vulnerability VCID-un7r-8sah-33cr
24
vulnerability VCID-uq77-aax5-k7d8
25
vulnerability VCID-zkvq-bms4-gfcv
26
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.12
2
url pkg:composer/typo3/cms@10.2.1
purl pkg:composer/typo3/cms@10.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sw-6x9k-vued
1
vulnerability VCID-13up-fwbr-17am
2
vulnerability VCID-1ffs-9vj5-27hk
3
vulnerability VCID-1sfk-z8py-ykb8
4
vulnerability VCID-2rhr-8vaz-hqfj
5
vulnerability VCID-2rmv-a83x-9ka8
6
vulnerability VCID-2tz2-8qdm-2kcv
7
vulnerability VCID-36cz-khgc-6fft
8
vulnerability VCID-4an7-9ph4-mkd4
9
vulnerability VCID-6a22-c7x5-sqe2
10
vulnerability VCID-6hnx-p9hv-jbg2
11
vulnerability VCID-6mnf-2fcw-dqgp
12
vulnerability VCID-6urp-p9mn-cffv
13
vulnerability VCID-6xgm-uan4-u7fu
14
vulnerability VCID-848u-w88s-5bbe
15
vulnerability VCID-8w4e-d49b-nbg8
16
vulnerability VCID-9c49-n1a2-pubu
17
vulnerability VCID-a1g9-pyz5-9fca
18
vulnerability VCID-bbh5-rss8-bfct
19
vulnerability VCID-bcbd-zzet-mff6
20
vulnerability VCID-c46m-ht19-ybc4
21
vulnerability VCID-e4zc-fmh2-n7b8
22
vulnerability VCID-e6zr-4bgg-kkh5
23
vulnerability VCID-ev4k-5k1d-2bhu
24
vulnerability VCID-fqkx-v8t5-q3h6
25
vulnerability VCID-fyyr-48a7-8qch
26
vulnerability VCID-gbev-1zs8-8bac
27
vulnerability VCID-hsw8-nbs6-auaa
28
vulnerability VCID-j8hk-bqnb-gycp
29
vulnerability VCID-jp1p-rfxa-hyd9
30
vulnerability VCID-n1gz-y615-cbbk
31
vulnerability VCID-r3az-g422-gqf9
32
vulnerability VCID-sdjb-gp4t-vbgt
33
vulnerability VCID-tgyt-axv1-c7ag
34
vulnerability VCID-tzpj-j3x1-ekgk
35
vulnerability VCID-un7r-8sah-33cr
36
vulnerability VCID-uq77-aax5-k7d8
37
vulnerability VCID-x8qf-w4vq-mfhm
38
vulnerability VCID-x8tq-5na6-gfbj
39
vulnerability VCID-zkvq-bms4-gfcv
40
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.2.1
3
url pkg:composer/typo3/cms@10.2.2
purl pkg:composer/typo3/cms@10.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sw-6x9k-vued
1
vulnerability VCID-13up-fwbr-17am
2
vulnerability VCID-1ffs-9vj5-27hk
3
vulnerability VCID-1sfk-z8py-ykb8
4
vulnerability VCID-2rhr-8vaz-hqfj
5
vulnerability VCID-2rmv-a83x-9ka8
6
vulnerability VCID-2tz2-8qdm-2kcv
7
vulnerability VCID-36cz-khgc-6fft
8
vulnerability VCID-4an7-9ph4-mkd4
9
vulnerability VCID-6a22-c7x5-sqe2
10
vulnerability VCID-6hnx-p9hv-jbg2
11
vulnerability VCID-6mnf-2fcw-dqgp
12
vulnerability VCID-6urp-p9mn-cffv
13
vulnerability VCID-6xgm-uan4-u7fu
14
vulnerability VCID-848u-w88s-5bbe
15
vulnerability VCID-8w4e-d49b-nbg8
16
vulnerability VCID-9c49-n1a2-pubu
17
vulnerability VCID-a1g9-pyz5-9fca
18
vulnerability VCID-bbh5-rss8-bfct
19
vulnerability VCID-bcbd-zzet-mff6
20
vulnerability VCID-c46m-ht19-ybc4
21
vulnerability VCID-e4zc-fmh2-n7b8
22
vulnerability VCID-e6zr-4bgg-kkh5
23
vulnerability VCID-ev4k-5k1d-2bhu
24
vulnerability VCID-fqkx-v8t5-q3h6
25
vulnerability VCID-fyyr-48a7-8qch
26
vulnerability VCID-gbev-1zs8-8bac
27
vulnerability VCID-hsw8-nbs6-auaa
28
vulnerability VCID-j8hk-bqnb-gycp
29
vulnerability VCID-jp1p-rfxa-hyd9
30
vulnerability VCID-n1gz-y615-cbbk
31
vulnerability VCID-r3az-g422-gqf9
32
vulnerability VCID-sdjb-gp4t-vbgt
33
vulnerability VCID-tgyt-axv1-c7ag
34
vulnerability VCID-tzpj-j3x1-ekgk
35
vulnerability VCID-un7r-8sah-33cr
36
vulnerability VCID-uq77-aax5-k7d8
37
vulnerability VCID-x8qf-w4vq-mfhm
38
vulnerability VCID-x8tq-5na6-gfbj
39
vulnerability VCID-zkvq-bms4-gfcv
40
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.2.2
aliases CVE-2019-19849, GHSA-rcgc-4xfc-564v
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p7gd-anw2-1qbz
4
url VCID-tgyt-axv1-c7ag
vulnerability_id VCID-tgyt-axv1-c7ag
summary 
Cross-site Scripting
TYPO3 is an open source PHP based web content management system. In TYPO3 the system extension Fluid (typo3/cms-fluid) of the TYPO3 core is vulnerable to cross-site scripting passing user-controlled data as argument to Fluid view helpers. Update to TYPO3 that fix the problem described.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26227
reference_id
reference_type
scores
0
value 0.00359
scoring_system epss
scoring_elements 0.58436
published_at 2026-06-06T12:55:00Z
1
value 0.00359
scoring_system epss
scoring_elements 0.58427
published_at 2026-06-05T12:55:00Z
2
value 0.00359
scoring_system epss
scoring_elements 0.5838
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26227
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-26227.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-26227.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-26227.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-26227.yaml
3
reference_url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-vqqx-jw6p-q3rf
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-vqqx-jw6p-q3rf
4
reference_url https://packagist.org/packages/typo3/cms-core
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://packagist.org/packages/typo3/cms-core
5
reference_url https://typo3.org/security/advisory/typo3-core-sa-2020-010
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2020-010
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-26227
reference_id CVE-2020-26227
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-26227
fixed_packages
0
url pkg:composer/typo3/cms@7.0.0
purl pkg:composer/typo3/cms@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ef6-uy9t-mqcu
1
vulnerability VCID-1u4r-r97q-3yfk
2
vulnerability VCID-28fn-ncj5-2ufk
3
vulnerability VCID-2f2m-tcjn-fyby
4
vulnerability VCID-2rhr-8vaz-hqfj
5
vulnerability VCID-2rmv-a83x-9ka8
6
vulnerability VCID-3ugj-6m1e-e3hr
7
vulnerability VCID-5ru2-1n1f-afa4
8
vulnerability VCID-66kh-c1dm-8fbf
9
vulnerability VCID-6u6t-uy5y-5fd6
10
vulnerability VCID-7n9x-c9gs-9yb3
11
vulnerability VCID-953t-q1cr-zyd6
12
vulnerability VCID-9899-uxyb-73gg
13
vulnerability VCID-abjx-8v46-d7d8
14
vulnerability VCID-ansr-8m5j-pya6
15
vulnerability VCID-c57c-akce-xufq
16
vulnerability VCID-cgqm-1wwf-kbg6
17
vulnerability VCID-dsqm-9q3e-dudw
18
vulnerability VCID-dwjk-7sqh-hqa8
19
vulnerability VCID-dyhd-5p1e-fya6
20
vulnerability VCID-e1gr-txgg-fqa6
21
vulnerability VCID-e1ms-4r4s-g7e7
22
vulnerability VCID-e2bk-pfbe-puek
23
vulnerability VCID-e82x-2cdb-7fgn
24
vulnerability VCID-ec17-eauu-67d3
25
vulnerability VCID-ev4k-5k1d-2bhu
26
vulnerability VCID-fdnw-2tz5-4fdr
27
vulnerability VCID-fqkx-v8t5-q3h6
28
vulnerability VCID-gpv4-4tpd-tbaa
29
vulnerability VCID-hm4k-wbq3-r7ej
30
vulnerability VCID-hp99-ncuh-6ugv
31
vulnerability VCID-hsw8-nbs6-auaa
32
vulnerability VCID-hyx9-8ae6-sba8
33
vulnerability VCID-j6x1-dfre-2bdq
34
vulnerability VCID-jp1p-rfxa-hyd9
35
vulnerability VCID-jq5y-7h9g-mufa
36
vulnerability VCID-jwb1-3sbg-kfa5
37
vulnerability VCID-jx9x-wxwq-5khx
38
vulnerability VCID-n18b-qe5x-z7cj
39
vulnerability VCID-nhjv-nke2-2kf8
40
vulnerability VCID-njsj-bwjq-fyap
41
vulnerability VCID-nqqc-nkwq-rqhx
42
vulnerability VCID-p576-w7dd-p3h7
43
vulnerability VCID-p7gd-anw2-1qbz
44
vulnerability VCID-q5f3-nhjn-hyb4
45
vulnerability VCID-qcnh-z4zh-myaw
46
vulnerability VCID-qek9-g3h8-nfdz
47
vulnerability VCID-r6hu-hvdh-abb1
48
vulnerability VCID-rae3-cugy-hbh5
49
vulnerability VCID-rs13-zf7b-mka7
50
vulnerability VCID-teby-zvvw-zkhv
51
vulnerability VCID-tzpj-j3x1-ekgk
52
vulnerability VCID-u6h1-ccgw-jqds
53
vulnerability VCID-ub3e-hrb1-wqac
54
vulnerability VCID-uq77-aax5-k7d8
55
vulnerability VCID-vq15-t92r-5bhx
56
vulnerability VCID-w65h-8a9d-ckgj
57
vulnerability VCID-wms8-dnuz-b3hc
58
vulnerability VCID-xvyu-2hb8-8ufh
59
vulnerability VCID-xw1s-93bu-wuh9
60
vulnerability VCID-ys6f-g39p-fkfc
61
vulnerability VCID-yz6t-ge1y-qfgr
62
vulnerability VCID-zru2-9g25-77dc
63
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.0.0
1
url pkg:composer/typo3/cms@8.0.0
purl pkg:composer/typo3/cms@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sw-6x9k-vued
1
vulnerability VCID-11u3-8xzy-jfhh
2
vulnerability VCID-1ffs-9vj5-27hk
3
vulnerability VCID-28fn-ncj5-2ufk
4
vulnerability VCID-2r7u-mc45-8yhe
5
vulnerability VCID-2rhr-8vaz-hqfj
6
vulnerability VCID-2rmv-a83x-9ka8
7
vulnerability VCID-2vpx-fqb6-aqfa
8
vulnerability VCID-39jx-muqb-nkfq
9
vulnerability VCID-39vn-73mc-jqav
10
vulnerability VCID-3ugj-6m1e-e3hr
11
vulnerability VCID-4eym-e6vt-8fbs
12
vulnerability VCID-4wnp-gusy-43b8
13
vulnerability VCID-5dxs-cdht-27hw
14
vulnerability VCID-5k47-9k7t-rqak
15
vulnerability VCID-5u2f-5zzf-j3e4
16
vulnerability VCID-66kh-c1dm-8fbf
17
vulnerability VCID-66ru-n2df-b3ay
18
vulnerability VCID-6su8-bbrw-hbhp
19
vulnerability VCID-727q-h3ey-6yc9
20
vulnerability VCID-7ch1-q9f4-a7bt
21
vulnerability VCID-7m6u-k5tp-gkhy
22
vulnerability VCID-848u-w88s-5bbe
23
vulnerability VCID-8p64-6zpt-t3av
24
vulnerability VCID-94r9-hh4g-jkej
25
vulnerability VCID-953t-q1cr-zyd6
26
vulnerability VCID-9726-hafj-wkay
27
vulnerability VCID-9saf-w56y-pugz
28
vulnerability VCID-9yu1-z7c2-t3fj
29
vulnerability VCID-abjx-8v46-d7d8
30
vulnerability VCID-am6s-67bm-77dr
31
vulnerability VCID-bn3p-39sv-6fdg
32
vulnerability VCID-bq2j-t19h-zyad
33
vulnerability VCID-bstt-ybrs-5ua3
34
vulnerability VCID-buj5-2t53-3kcr
35
vulnerability VCID-cbmm-1b2k-8qaz
36
vulnerability VCID-d6c2-upx1-e7cd
37
vulnerability VCID-dsqm-9q3e-dudw
38
vulnerability VCID-e564-zdku-9fc6
39
vulnerability VCID-emqq-kwjg-3kfk
40
vulnerability VCID-eutz-mj58-audb
41
vulnerability VCID-ev4k-5k1d-2bhu
42
vulnerability VCID-f319-jpf5-hyex
43
vulnerability VCID-fdnw-2tz5-4fdr
44
vulnerability VCID-fgqa-5fx9-nkaz
45
vulnerability VCID-fh61-7rfy-s3hg
46
vulnerability VCID-fqkc-utex-3kav
47
vulnerability VCID-fqkx-v8t5-q3h6
48
vulnerability VCID-fut7-bb1f-37g7
49
vulnerability VCID-g7mm-vjbw-bbhd
50
vulnerability VCID-gk79-jtuz-myh6
51
vulnerability VCID-gpv4-4tpd-tbaa
52
vulnerability VCID-h217-xe8x-nua3
53
vulnerability VCID-h7cg-64er-uya9
54
vulnerability VCID-h7hf-sf2q-73ay
55
vulnerability VCID-hp99-ncuh-6ugv
56
vulnerability VCID-hsw8-nbs6-auaa
57
vulnerability VCID-hyx9-8ae6-sba8
58
vulnerability VCID-hzma-cduk-3uhp
59
vulnerability VCID-j8hk-bqnb-gycp
60
vulnerability VCID-j8sh-5evd-dkaz
61
vulnerability VCID-jeqr-9tfu-f7b2
62
vulnerability VCID-jf28-91be-6kbr
63
vulnerability VCID-jmea-qzsr-wkf4
64
vulnerability VCID-jn38-wfec-7bb2
65
vulnerability VCID-jp1p-rfxa-hyd9
66
vulnerability VCID-jq5y-7h9g-mufa
67
vulnerability VCID-jqe4-8hzb-mfea
68
vulnerability VCID-jwb1-3sbg-kfa5
69
vulnerability VCID-k5t3-28es-h3ez
70
vulnerability VCID-khpm-e1xb-hydb
71
vulnerability VCID-ks1q-a8x2-uqht
72
vulnerability VCID-m3nc-xbb4-yubr
73
vulnerability VCID-mctp-nf36-7qdn
74
vulnerability VCID-nhjv-nke2-2kf8
75
vulnerability VCID-njsj-bwjq-fyap
76
vulnerability VCID-nney-azbc-pucg
77
vulnerability VCID-nvbp-pbjw-3qgx
78
vulnerability VCID-p576-w7dd-p3h7
79
vulnerability VCID-p7gd-anw2-1qbz
80
vulnerability VCID-pmvp-twk2-jqe4
81
vulnerability VCID-q2ym-y2rz-1bdn
82
vulnerability VCID-q52p-xfj8-gygd
83
vulnerability VCID-q7vt-19eb-sqeq
84
vulnerability VCID-qcnh-z4zh-myaw
85
vulnerability VCID-qdxh-arxx-wbcr
86
vulnerability VCID-qv14-m93d-jyd9
87
vulnerability VCID-qxab-9uwr-yqhv
88
vulnerability VCID-rqrw-t2kj-mud8
89
vulnerability VCID-ru6w-m6q6-27gn
90
vulnerability VCID-sdjb-gp4t-vbgt
91
vulnerability VCID-sdsa-mh76-kqch
92
vulnerability VCID-sdz8-hju8-4bcb
93
vulnerability VCID-sy7r-d6pv-yba9
94
vulnerability VCID-teby-zvvw-zkhv
95
vulnerability VCID-tzpj-j3x1-ekgk
96
vulnerability VCID-u259-2sxq-tbct
97
vulnerability VCID-u4tq-8qnk-5fd7
98
vulnerability VCID-u5he-6tqb-gqaf
99
vulnerability VCID-u6as-cwxc-pkhk
100
vulnerability VCID-uq77-aax5-k7d8
101
vulnerability VCID-vq15-t92r-5bhx
102
vulnerability VCID-vw2r-g8yy-eyf4
103
vulnerability VCID-w483-prq4-rycx
104
vulnerability VCID-w58p-3wg1-7ycr
105
vulnerability VCID-wat8-4m83-hken
106
vulnerability VCID-wy45-2gmr-fkfg
107
vulnerability VCID-x175-xjek-97ds
108
vulnerability VCID-x5x1-w7yv-eye9
109
vulnerability VCID-xh68-defe-f7ce
110
vulnerability VCID-xpxg-qq49-b7fd
111
vulnerability VCID-xvyu-2hb8-8ufh
112
vulnerability VCID-xw1s-93bu-wuh9
113
vulnerability VCID-y7ds-p5r2-yuhq
114
vulnerability VCID-ygw4-jdqu-4fbt
115
vulnerability VCID-yh6b-tc4u-v3bk
116
vulnerability VCID-yn6z-9v7k-x7br
117
vulnerability VCID-yz6t-ge1y-qfgr
118
vulnerability VCID-zgfw-pk39-gyg8
119
vulnerability VCID-zmwv-gwq3-fkej
120
vulnerability VCID-zrz3-3dnf-tbay
121
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.0.0
2
url pkg:composer/typo3/cms@8.7.38
purl pkg:composer/typo3/cms@8.7.38
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.38
3
url pkg:composer/typo3/cms@9.5.23
purl pkg:composer/typo3/cms@9.5.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sw-6x9k-vued
1
vulnerability VCID-1ffs-9vj5-27hk
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-2rmv-a83x-9ka8
4
vulnerability VCID-6a22-c7x5-sqe2
5
vulnerability VCID-6mnf-2fcw-dqgp
6
vulnerability VCID-848u-w88s-5bbe
7
vulnerability VCID-a1g9-pyz5-9fca
8
vulnerability VCID-ev4k-5k1d-2bhu
9
vulnerability VCID-fqkx-v8t5-q3h6
10
vulnerability VCID-hsw8-nbs6-auaa
11
vulnerability VCID-j8hk-bqnb-gycp
12
vulnerability VCID-jp1p-rfxa-hyd9
13
vulnerability VCID-sdjb-gp4t-vbgt
14
vulnerability VCID-tzpj-j3x1-ekgk
15
vulnerability VCID-un7r-8sah-33cr
16
vulnerability VCID-uq77-aax5-k7d8
17
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.23
4
url pkg:composer/typo3/cms@10.4.10
purl pkg:composer/typo3/cms@10.4.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sw-6x9k-vued
1
vulnerability VCID-13up-fwbr-17am
2
vulnerability VCID-1ffs-9vj5-27hk
3
vulnerability VCID-2rhr-8vaz-hqfj
4
vulnerability VCID-2rmv-a83x-9ka8
5
vulnerability VCID-36cz-khgc-6fft
6
vulnerability VCID-6a22-c7x5-sqe2
7
vulnerability VCID-6hnx-p9hv-jbg2
8
vulnerability VCID-6mnf-2fcw-dqgp
9
vulnerability VCID-6urp-p9mn-cffv
10
vulnerability VCID-6xgm-uan4-u7fu
11
vulnerability VCID-848u-w88s-5bbe
12
vulnerability VCID-9c49-n1a2-pubu
13
vulnerability VCID-a1g9-pyz5-9fca
14
vulnerability VCID-c46m-ht19-ybc4
15
vulnerability VCID-e4zc-fmh2-n7b8
16
vulnerability VCID-ev4k-5k1d-2bhu
17
vulnerability VCID-fqkx-v8t5-q3h6
18
vulnerability VCID-fyyr-48a7-8qch
19
vulnerability VCID-gbev-1zs8-8bac
20
vulnerability VCID-hsw8-nbs6-auaa
21
vulnerability VCID-j8hk-bqnb-gycp
22
vulnerability VCID-jp1p-rfxa-hyd9
23
vulnerability VCID-sdjb-gp4t-vbgt
24
vulnerability VCID-tzpj-j3x1-ekgk
25
vulnerability VCID-un7r-8sah-33cr
26
vulnerability VCID-uq77-aax5-k7d8
27
vulnerability VCID-x8qf-w4vq-mfhm
28
vulnerability VCID-x8tq-5na6-gfbj
29
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.10
aliases CVE-2020-26227, GHSA-vqqx-jw6p-q3rf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tgyt-axv1-c7ag
5
url VCID-vq15-t92r-5bhx
vulnerability_id VCID-vq15-t92r-5bhx
summary 
Cross-site Scripting
The page module in TYPO3 is vulnerable to XSS via `$GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename']`, as demonstrated by an admin entering a crafted site name during the installation process.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-6905
reference_id
reference_type
scores
0
value 0.02274
scoring_system epss
scoring_elements 0.84989
published_at 2026-06-06T12:55:00Z
1
value 0.02274
scoring_system epss
scoring_elements 0.84984
published_at 2026-06-05T12:55:00Z
2
value 0.02274
scoring_system epss
scoring_elements 0.8496
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-6905
1
reference_url https://forge.typo3.org/issues/84191
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://forge.typo3.org/issues/84191
2
reference_url https://github.com/pradeepjairamani/TYPO3-XSS-POC
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pradeepjairamani/TYPO3-XSS-POC
3
reference_url https://github.com/TYPO3/typo3/commit/d2c0ea7db3b31a796a82f9d39f77f9983beb7c35
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/d2c0ea7db3b31a796a82f9d39f77f9983beb7c35
4
reference_url http://www.securitytracker.com/id/1040755
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1040755
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-6905
reference_id CVE-2018-6905
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-6905
fixed_packages
0
url pkg:composer/typo3/cms@8.7.11
purl pkg:composer/typo3/cms@8.7.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sw-6x9k-vued
1
vulnerability VCID-11u3-8xzy-jfhh
2
vulnerability VCID-1ffs-9vj5-27hk
3
vulnerability VCID-28fn-ncj5-2ufk
4
vulnerability VCID-2rhr-8vaz-hqfj
5
vulnerability VCID-2rmv-a83x-9ka8
6
vulnerability VCID-39vn-73mc-jqav
7
vulnerability VCID-3ugj-6m1e-e3hr
8
vulnerability VCID-4eym-e6vt-8fbs
9
vulnerability VCID-5k47-9k7t-rqak
10
vulnerability VCID-66kh-c1dm-8fbf
11
vulnerability VCID-6a22-c7x5-sqe2
12
vulnerability VCID-7ch1-q9f4-a7bt
13
vulnerability VCID-7m6u-k5tp-gkhy
14
vulnerability VCID-848u-w88s-5bbe
15
vulnerability VCID-94r9-hh4g-jkej
16
vulnerability VCID-953t-q1cr-zyd6
17
vulnerability VCID-9yu1-z7c2-t3fj
18
vulnerability VCID-abjx-8v46-d7d8
19
vulnerability VCID-am6s-67bm-77dr
20
vulnerability VCID-bn3p-39sv-6fdg
21
vulnerability VCID-buj5-2t53-3kcr
22
vulnerability VCID-dsqm-9q3e-dudw
23
vulnerability VCID-emqq-kwjg-3kfk
24
vulnerability VCID-ev4k-5k1d-2bhu
25
vulnerability VCID-f319-jpf5-hyex
26
vulnerability VCID-fdnw-2tz5-4fdr
27
vulnerability VCID-fpa2-ffg1-fyaa
28
vulnerability VCID-fqkc-utex-3kav
29
vulnerability VCID-fqkx-v8t5-q3h6
30
vulnerability VCID-fut7-bb1f-37g7
31
vulnerability VCID-gpv4-4tpd-tbaa
32
vulnerability VCID-hknp-f88a-kqec
33
vulnerability VCID-hp99-ncuh-6ugv
34
vulnerability VCID-hsw8-nbs6-auaa
35
vulnerability VCID-hyx9-8ae6-sba8
36
vulnerability VCID-j8hk-bqnb-gycp
37
vulnerability VCID-je4q-svfw-hqda
38
vulnerability VCID-jp1p-rfxa-hyd9
39
vulnerability VCID-jq5y-7h9g-mufa
40
vulnerability VCID-jwb1-3sbg-kfa5
41
vulnerability VCID-k5t3-28es-h3ez
42
vulnerability VCID-khpm-e1xb-hydb
43
vulnerability VCID-njsj-bwjq-fyap
44
vulnerability VCID-nney-azbc-pucg
45
vulnerability VCID-p576-w7dd-p3h7
46
vulnerability VCID-p7gd-anw2-1qbz
47
vulnerability VCID-pmvp-twk2-jqe4
48
vulnerability VCID-q7vt-19eb-sqeq
49
vulnerability VCID-qcnh-z4zh-myaw
50
vulnerability VCID-qdxh-arxx-wbcr
51
vulnerability VCID-qv14-m93d-jyd9
52
vulnerability VCID-qxab-9uwr-yqhv
53
vulnerability VCID-rqrw-t2kj-mud8
54
vulnerability VCID-ru6w-m6q6-27gn
55
vulnerability VCID-sdjb-gp4t-vbgt
56
vulnerability VCID-sdsa-mh76-kqch
57
vulnerability VCID-teby-zvvw-zkhv
58
vulnerability VCID-tgyt-axv1-c7ag
59
vulnerability VCID-tzpj-j3x1-ekgk
60
vulnerability VCID-u259-2sxq-tbct
61
vulnerability VCID-u6as-cwxc-pkhk
62
vulnerability VCID-uq77-aax5-k7d8
63
vulnerability VCID-vw2r-g8yy-eyf4
64
vulnerability VCID-w1wb-mq2y-dfca
65
vulnerability VCID-w483-prq4-rycx
66
vulnerability VCID-wat8-4m83-hken
67
vulnerability VCID-x5x1-w7yv-eye9
68
vulnerability VCID-xvyu-2hb8-8ufh
69
vulnerability VCID-xw1s-93bu-wuh9
70
vulnerability VCID-y7ds-p5r2-yuhq
71
vulnerability VCID-yh6b-tc4u-v3bk
72
vulnerability VCID-yz6t-ge1y-qfgr
73
vulnerability VCID-zgfw-pk39-gyg8
74
vulnerability VCID-zmwv-gwq3-fkej
75
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.11
1
url pkg:composer/typo3/cms@9.1.0
purl pkg:composer/typo3/cms@9.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sw-6x9k-vued
1
vulnerability VCID-11u3-8xzy-jfhh
2
vulnerability VCID-1ffs-9vj5-27hk
3
vulnerability VCID-1sfk-z8py-ykb8
4
vulnerability VCID-28fn-ncj5-2ufk
5
vulnerability VCID-2rhr-8vaz-hqfj
6
vulnerability VCID-2rmv-a83x-9ka8
7
vulnerability VCID-39vn-73mc-jqav
8
vulnerability VCID-3k2k-a3gb-n3ba
9
vulnerability VCID-3ugj-6m1e-e3hr
10
vulnerability VCID-3ye6-vqje-abh4
11
vulnerability VCID-4an7-9ph4-mkd4
12
vulnerability VCID-4eym-e6vt-8fbs
13
vulnerability VCID-4jck-w9ct-budk
14
vulnerability VCID-5k47-9k7t-rqak
15
vulnerability VCID-66kh-c1dm-8fbf
16
vulnerability VCID-6a22-c7x5-sqe2
17
vulnerability VCID-6mnf-2fcw-dqgp
18
vulnerability VCID-7ch1-q9f4-a7bt
19
vulnerability VCID-7m6u-k5tp-gkhy
20
vulnerability VCID-7xv1-78u7-xufp
21
vulnerability VCID-848u-w88s-5bbe
22
vulnerability VCID-8w4e-d49b-nbg8
23
vulnerability VCID-94r9-hh4g-jkej
24
vulnerability VCID-953t-q1cr-zyd6
25
vulnerability VCID-9adx-p876-kyb5
26
vulnerability VCID-9yu1-z7c2-t3fj
27
vulnerability VCID-a1g9-pyz5-9fca
28
vulnerability VCID-abjx-8v46-d7d8
29
vulnerability VCID-am6s-67bm-77dr
30
vulnerability VCID-bbh5-rss8-bfct
31
vulnerability VCID-buj5-2t53-3kcr
32
vulnerability VCID-cvk2-93hm-gkhx
33
vulnerability VCID-dsqm-9q3e-dudw
34
vulnerability VCID-e6zr-4bgg-kkh5
35
vulnerability VCID-emqq-kwjg-3kfk
36
vulnerability VCID-ev4k-5k1d-2bhu
37
vulnerability VCID-f319-jpf5-hyex
38
vulnerability VCID-f4n7-q72x-3yea
39
vulnerability VCID-fpa2-ffg1-fyaa
40
vulnerability VCID-fqkc-utex-3kav
41
vulnerability VCID-fqkx-v8t5-q3h6
42
vulnerability VCID-fut7-bb1f-37g7
43
vulnerability VCID-gpv4-4tpd-tbaa
44
vulnerability VCID-hknp-f88a-kqec
45
vulnerability VCID-hp99-ncuh-6ugv
46
vulnerability VCID-hsw8-nbs6-auaa
47
vulnerability VCID-j8hk-bqnb-gycp
48
vulnerability VCID-je4q-svfw-hqda
49
vulnerability VCID-jp1p-rfxa-hyd9
50
vulnerability VCID-jq5y-7h9g-mufa
51
vulnerability VCID-jwb1-3sbg-kfa5
52
vulnerability VCID-k5t3-28es-h3ez
53
vulnerability VCID-khpm-e1xb-hydb
54
vulnerability VCID-n1gz-y615-cbbk
55
vulnerability VCID-njsj-bwjq-fyap
56
vulnerability VCID-nney-azbc-pucg
57
vulnerability VCID-p576-w7dd-p3h7
58
vulnerability VCID-p7gd-anw2-1qbz
59
vulnerability VCID-pmvp-twk2-jqe4
60
vulnerability VCID-q2t1-kx56-s3c3
61
vulnerability VCID-q7vt-19eb-sqeq
62
vulnerability VCID-qcnh-z4zh-myaw
63
vulnerability VCID-qdxh-arxx-wbcr
64
vulnerability VCID-qv14-m93d-jyd9
65
vulnerability VCID-qxab-9uwr-yqhv
66
vulnerability VCID-rqrw-t2kj-mud8
67
vulnerability VCID-ru6w-m6q6-27gn
68
vulnerability VCID-sdjb-gp4t-vbgt
69
vulnerability VCID-sdsa-mh76-kqch
70
vulnerability VCID-teby-zvvw-zkhv
71
vulnerability VCID-tgyt-axv1-c7ag
72
vulnerability VCID-tzpj-j3x1-ekgk
73
vulnerability VCID-u259-2sxq-tbct
74
vulnerability VCID-u6as-cwxc-pkhk
75
vulnerability VCID-un7r-8sah-33cr
76
vulnerability VCID-uq77-aax5-k7d8
77
vulnerability VCID-vw2r-g8yy-eyf4
78
vulnerability VCID-w1wb-mq2y-dfca
79
vulnerability VCID-w7z1-aw31-vugx
80
vulnerability VCID-wat8-4m83-hken
81
vulnerability VCID-x5x1-w7yv-eye9
82
vulnerability VCID-xvyu-2hb8-8ufh
83
vulnerability VCID-xw1s-93bu-wuh9
84
vulnerability VCID-y7ds-p5r2-yuhq
85
vulnerability VCID-yh6b-tc4u-v3bk
86
vulnerability VCID-yz6t-ge1y-qfgr
87
vulnerability VCID-zeut-9wfp-q7et
88
vulnerability VCID-zgfw-pk39-gyg8
89
vulnerability VCID-zkvq-bms4-gfcv
90
vulnerability VCID-zmwv-gwq3-fkej
91
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.1.0
2
url pkg:composer/typo3/cms@9.2.0
purl pkg:composer/typo3/cms@9.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sw-6x9k-vued
1
vulnerability VCID-11u3-8xzy-jfhh
2
vulnerability VCID-1ffs-9vj5-27hk
3
vulnerability VCID-1sfk-z8py-ykb8
4
vulnerability VCID-28fn-ncj5-2ufk
5
vulnerability VCID-2rhr-8vaz-hqfj
6
vulnerability VCID-2rmv-a83x-9ka8
7
vulnerability VCID-39vn-73mc-jqav
8
vulnerability VCID-3k2k-a3gb-n3ba
9
vulnerability VCID-3ugj-6m1e-e3hr
10
vulnerability VCID-3ye6-vqje-abh4
11
vulnerability VCID-4an7-9ph4-mkd4
12
vulnerability VCID-4eym-e6vt-8fbs
13
vulnerability VCID-4jck-w9ct-budk
14
vulnerability VCID-5k47-9k7t-rqak
15
vulnerability VCID-66kh-c1dm-8fbf
16
vulnerability VCID-6a22-c7x5-sqe2
17
vulnerability VCID-6mnf-2fcw-dqgp
18
vulnerability VCID-7ch1-q9f4-a7bt
19
vulnerability VCID-7m6u-k5tp-gkhy
20
vulnerability VCID-7xv1-78u7-xufp
21
vulnerability VCID-848u-w88s-5bbe
22
vulnerability VCID-8w4e-d49b-nbg8
23
vulnerability VCID-94r9-hh4g-jkej
24
vulnerability VCID-953t-q1cr-zyd6
25
vulnerability VCID-9adx-p876-kyb5
26
vulnerability VCID-9yu1-z7c2-t3fj
27
vulnerability VCID-a1g9-pyz5-9fca
28
vulnerability VCID-abjx-8v46-d7d8
29
vulnerability VCID-am6s-67bm-77dr
30
vulnerability VCID-bbh5-rss8-bfct
31
vulnerability VCID-buj5-2t53-3kcr
32
vulnerability VCID-cvk2-93hm-gkhx
33
vulnerability VCID-dsqm-9q3e-dudw
34
vulnerability VCID-e6zr-4bgg-kkh5
35
vulnerability VCID-emqq-kwjg-3kfk
36
vulnerability VCID-ev4k-5k1d-2bhu
37
vulnerability VCID-f319-jpf5-hyex
38
vulnerability VCID-f4n7-q72x-3yea
39
vulnerability VCID-fpa2-ffg1-fyaa
40
vulnerability VCID-fqkc-utex-3kav
41
vulnerability VCID-fqkx-v8t5-q3h6
42
vulnerability VCID-fut7-bb1f-37g7
43
vulnerability VCID-gpv4-4tpd-tbaa
44
vulnerability VCID-hknp-f88a-kqec
45
vulnerability VCID-hp99-ncuh-6ugv
46
vulnerability VCID-hsw8-nbs6-auaa
47
vulnerability VCID-j8hk-bqnb-gycp
48
vulnerability VCID-je4q-svfw-hqda
49
vulnerability VCID-jp1p-rfxa-hyd9
50
vulnerability VCID-jq5y-7h9g-mufa
51
vulnerability VCID-jwb1-3sbg-kfa5
52
vulnerability VCID-k5t3-28es-h3ez
53
vulnerability VCID-khpm-e1xb-hydb
54
vulnerability VCID-n1gz-y615-cbbk
55
vulnerability VCID-njsj-bwjq-fyap
56
vulnerability VCID-nney-azbc-pucg
57
vulnerability VCID-p576-w7dd-p3h7
58
vulnerability VCID-p7gd-anw2-1qbz
59
vulnerability VCID-pmvp-twk2-jqe4
60
vulnerability VCID-q2t1-kx56-s3c3
61
vulnerability VCID-q7vt-19eb-sqeq
62
vulnerability VCID-qcnh-z4zh-myaw
63
vulnerability VCID-qdxh-arxx-wbcr
64
vulnerability VCID-qv14-m93d-jyd9
65
vulnerability VCID-qxab-9uwr-yqhv
66
vulnerability VCID-rqrw-t2kj-mud8
67
vulnerability VCID-ru6w-m6q6-27gn
68
vulnerability VCID-sdjb-gp4t-vbgt
69
vulnerability VCID-sdsa-mh76-kqch
70
vulnerability VCID-teby-zvvw-zkhv
71
vulnerability VCID-tgyt-axv1-c7ag
72
vulnerability VCID-tzpj-j3x1-ekgk
73
vulnerability VCID-u259-2sxq-tbct
74
vulnerability VCID-u6as-cwxc-pkhk
75
vulnerability VCID-un7r-8sah-33cr
76
vulnerability VCID-uq77-aax5-k7d8
77
vulnerability VCID-vw2r-g8yy-eyf4
78
vulnerability VCID-w1wb-mq2y-dfca
79
vulnerability VCID-w7z1-aw31-vugx
80
vulnerability VCID-wat8-4m83-hken
81
vulnerability VCID-x5x1-w7yv-eye9
82
vulnerability VCID-xvyu-2hb8-8ufh
83
vulnerability VCID-xw1s-93bu-wuh9
84
vulnerability VCID-y7ds-p5r2-yuhq
85
vulnerability VCID-yh6b-tc4u-v3bk
86
vulnerability VCID-yz6t-ge1y-qfgr
87
vulnerability VCID-zeut-9wfp-q7et
88
vulnerability VCID-zgfw-pk39-gyg8
89
vulnerability VCID-zkvq-bms4-gfcv
90
vulnerability VCID-zmwv-gwq3-fkej
91
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.2.0
aliases CVE-2018-6905, GHSA-3w22-wrwx-2r75
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vq15-t92r-5bhx
6
url VCID-xw1s-93bu-wuh9
vulnerability_id VCID-xw1s-93bu-wuh9
summary 
Path Traversal
It has been discovered that the extraction of manually uploaded ZIP archives in Extension Manager is vulnerable to directory traversal. Admin privileges are required in order to exploit this vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19848
reference_id
reference_type
scores
0
value 0.00374
scoring_system epss
scoring_elements 0.59443
published_at 2026-06-05T12:55:00Z
1
value 0.00374
scoring_system epss
scoring_elements 0.59447
published_at 2026-06-06T12:55:00Z
2
value 0.00374
scoring_system epss
scoring_elements 0.59393
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19848
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-19848.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2019-19848.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-19848.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2019-19848.yaml
3
reference_url https://review.typo3.org/q/%2522Resolves:+%252388764%2522+topic:security
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.typo3.org/q/%2522Resolves:+%252388764%2522+topic:security
4
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-024
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2019-024
5
reference_url https://typo3.org/security/advisory/typo3-core-sa-2019-024/
reference_id
reference_type
scores
url https://typo3.org/security/advisory/typo3-core-sa-2019-024/
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19848
reference_id CVE-2019-19848
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-19848
7
reference_url https://github.com/advisories/GHSA-77p4-wfr8-977w
reference_id GHSA-77p4-wfr8-977w
reference_type
scores
url https://github.com/advisories/GHSA-77p4-wfr8-977w
fixed_packages
0
url pkg:composer/typo3/cms@8.7.30
purl pkg:composer/typo3/cms@8.7.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sw-6x9k-vued
1
vulnerability VCID-1ffs-9vj5-27hk
2
vulnerability VCID-2rhr-8vaz-hqfj
3
vulnerability VCID-2rmv-a83x-9ka8
4
vulnerability VCID-6a22-c7x5-sqe2
5
vulnerability VCID-848u-w88s-5bbe
6
vulnerability VCID-ev4k-5k1d-2bhu
7
vulnerability VCID-fqkx-v8t5-q3h6
8
vulnerability VCID-hsw8-nbs6-auaa
9
vulnerability VCID-j8hk-bqnb-gycp
10
vulnerability VCID-jp1p-rfxa-hyd9
11
vulnerability VCID-sdjb-gp4t-vbgt
12
vulnerability VCID-tgyt-axv1-c7ag
13
vulnerability VCID-tzpj-j3x1-ekgk
14
vulnerability VCID-uq77-aax5-k7d8
15
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.30
1
url pkg:composer/typo3/cms@9.5.12
purl pkg:composer/typo3/cms@9.5.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sw-6x9k-vued
1
vulnerability VCID-1ffs-9vj5-27hk
2
vulnerability VCID-1sfk-z8py-ykb8
3
vulnerability VCID-2rhr-8vaz-hqfj
4
vulnerability VCID-2rmv-a83x-9ka8
5
vulnerability VCID-4an7-9ph4-mkd4
6
vulnerability VCID-6a22-c7x5-sqe2
7
vulnerability VCID-6mnf-2fcw-dqgp
8
vulnerability VCID-848u-w88s-5bbe
9
vulnerability VCID-8w4e-d49b-nbg8
10
vulnerability VCID-a1g9-pyz5-9fca
11
vulnerability VCID-bbh5-rss8-bfct
12
vulnerability VCID-bcbd-zzet-mff6
13
vulnerability VCID-e6zr-4bgg-kkh5
14
vulnerability VCID-ev4k-5k1d-2bhu
15
vulnerability VCID-fqkx-v8t5-q3h6
16
vulnerability VCID-hsw8-nbs6-auaa
17
vulnerability VCID-j8hk-bqnb-gycp
18
vulnerability VCID-jp1p-rfxa-hyd9
19
vulnerability VCID-n1gz-y615-cbbk
20
vulnerability VCID-sdjb-gp4t-vbgt
21
vulnerability VCID-tgyt-axv1-c7ag
22
vulnerability VCID-tzpj-j3x1-ekgk
23
vulnerability VCID-un7r-8sah-33cr
24
vulnerability VCID-uq77-aax5-k7d8
25
vulnerability VCID-zkvq-bms4-gfcv
26
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.12
2
url pkg:composer/typo3/cms@10.2.2
purl pkg:composer/typo3/cms@10.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sw-6x9k-vued
1
vulnerability VCID-13up-fwbr-17am
2
vulnerability VCID-1ffs-9vj5-27hk
3
vulnerability VCID-1sfk-z8py-ykb8
4
vulnerability VCID-2rhr-8vaz-hqfj
5
vulnerability VCID-2rmv-a83x-9ka8
6
vulnerability VCID-2tz2-8qdm-2kcv
7
vulnerability VCID-36cz-khgc-6fft
8
vulnerability VCID-4an7-9ph4-mkd4
9
vulnerability VCID-6a22-c7x5-sqe2
10
vulnerability VCID-6hnx-p9hv-jbg2
11
vulnerability VCID-6mnf-2fcw-dqgp
12
vulnerability VCID-6urp-p9mn-cffv
13
vulnerability VCID-6xgm-uan4-u7fu
14
vulnerability VCID-848u-w88s-5bbe
15
vulnerability VCID-8w4e-d49b-nbg8
16
vulnerability VCID-9c49-n1a2-pubu
17
vulnerability VCID-a1g9-pyz5-9fca
18
vulnerability VCID-bbh5-rss8-bfct
19
vulnerability VCID-bcbd-zzet-mff6
20
vulnerability VCID-c46m-ht19-ybc4
21
vulnerability VCID-e4zc-fmh2-n7b8
22
vulnerability VCID-e6zr-4bgg-kkh5
23
vulnerability VCID-ev4k-5k1d-2bhu
24
vulnerability VCID-fqkx-v8t5-q3h6
25
vulnerability VCID-fyyr-48a7-8qch
26
vulnerability VCID-gbev-1zs8-8bac
27
vulnerability VCID-hsw8-nbs6-auaa
28
vulnerability VCID-j8hk-bqnb-gycp
29
vulnerability VCID-jp1p-rfxa-hyd9
30
vulnerability VCID-n1gz-y615-cbbk
31
vulnerability VCID-r3az-g422-gqf9
32
vulnerability VCID-sdjb-gp4t-vbgt
33
vulnerability VCID-tgyt-axv1-c7ag
34
vulnerability VCID-tzpj-j3x1-ekgk
35
vulnerability VCID-un7r-8sah-33cr
36
vulnerability VCID-uq77-aax5-k7d8
37
vulnerability VCID-x8qf-w4vq-mfhm
38
vulnerability VCID-x8tq-5na6-gfbj
39
vulnerability VCID-zkvq-bms4-gfcv
40
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.2.2
aliases CVE-2019-19848, GHSA-77p4-wfr8-977w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xw1s-93bu-wuh9
7
url VCID-zybp-mb3d-jyee
vulnerability_id VCID-zybp-mb3d-jyee
summary 
TYPO3 CMS vulnerable to Weak Authentication in Frontend Login
### Problem
Restricting frontend login to specific users, organized in different storage folders (partitions), can be bypassed. A potential attacker might use this ambiguity in usernames to get access to a different account - however, credentials must be known to the adversary.

### Solution
Update to TYPO3 versions 8.7.49 ELTS, 9.5.38 ELTS, 10.4.33, 11.5.20, 12.1.1 that fix the problem described above.

### References
* [TYPO3-CORE-SA-2022-013](https://typo3.org/security/advisory/typo3-core-sa-2022-013)
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23501
reference_id
reference_type
scores
0
value 0.00187
scoring_system epss
scoring_elements 0.40437
published_at 2026-06-06T12:55:00Z
1
value 0.00187
scoring_system epss
scoring_elements 0.40434
published_at 2026-06-05T12:55:00Z
2
value 0.00187
scoring_system epss
scoring_elements 0.40354
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23501
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2022-23501.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2022-23501.yaml
2
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-23501.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2022-23501.yaml
3
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
4
reference_url https://github.com/TYPO3/typo3/commit/28be9cdb3fed02ce4cfc6fa2d39f7d8e2266eced
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/28be9cdb3fed02ce4cfc6fa2d39f7d8e2266eced
5
reference_url https://github.com/TYPO3/typo3/security/advisories/GHSA-jfp7-79g7-89rf
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T18:48:00Z/
url https://github.com/TYPO3/typo3/security/advisories/GHSA-jfp7-79g7-89rf
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23501
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-23501
7
reference_url https://typo3.org/security/advisory/typo3-core-sa-2022-013
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2022-013
8
reference_url https://github.com/advisories/GHSA-jfp7-79g7-89rf
reference_id GHSA-jfp7-79g7-89rf
reference_type
scores
url https://github.com/advisories/GHSA-jfp7-79g7-89rf
fixed_packages
0
url pkg:composer/typo3/cms@10.4.33
purl pkg:composer/typo3/cms@10.4.33
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6a22-c7x5-sqe2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@10.4.33
1
url pkg:composer/typo3/cms@11.5.20
purl pkg:composer/typo3/cms@11.5.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6a22-c7x5-sqe2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@11.5.20
2
url pkg:composer/typo3/cms@12.1.1
purl pkg:composer/typo3/cms@12.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6a22-c7x5-sqe2
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@12.1.1
aliases CVE-2022-23501, GHSA-jfp7-79g7-89rf, GMS-2022-8134
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zybp-mb3d-jyee
Fixing_vulnerabilities
0
url VCID-4wnp-gusy-43b8
vulnerability_id VCID-4wnp-gusy-43b8
summary 
TYPO3 Remote Code Execution in third party library swiftmailer
TYPO3 uses the package swiftmailer/swiftmailer for mail actions. This package is known to be vulnerable to Remote Code Execution.
references
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2017-01-03-1.yaml
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2017-01-03-1.yaml
1
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
2
reference_url https://typo3.org/security/advisory/typo3-core-sa-2017-001
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://typo3.org/security/advisory/typo3-core-sa-2017-001
3
reference_url https://github.com/advisories/GHSA-g4pf-3jvq-2gcw
reference_id GHSA-g4pf-3jvq-2gcw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g4pf-3jvq-2gcw
fixed_packages
0
url pkg:composer/typo3/cms@6.2.30
purl pkg:composer/typo3/cms@6.2.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ev4k-5k1d-2bhu
1
vulnerability VCID-fqkx-v8t5-q3h6
2
vulnerability VCID-nqqc-nkwq-rqhx
3
vulnerability VCID-p7gd-anw2-1qbz
4
vulnerability VCID-tgyt-axv1-c7ag
5
vulnerability VCID-vq15-t92r-5bhx
6
vulnerability VCID-xw1s-93bu-wuh9
7
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.30
1
url pkg:composer/typo3/cms@7.6.15
purl pkg:composer/typo3/cms@7.6.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28fn-ncj5-2ufk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-2rmv-a83x-9ka8
3
vulnerability VCID-3ugj-6m1e-e3hr
4
vulnerability VCID-5u2f-5zzf-j3e4
5
vulnerability VCID-66kh-c1dm-8fbf
6
vulnerability VCID-66ru-n2df-b3ay
7
vulnerability VCID-953t-q1cr-zyd6
8
vulnerability VCID-9726-hafj-wkay
9
vulnerability VCID-9bep-jsfw-x3gn
10
vulnerability VCID-9saf-w56y-pugz
11
vulnerability VCID-abjx-8v46-d7d8
12
vulnerability VCID-dsqm-9q3e-dudw
13
vulnerability VCID-e564-zdku-9fc6
14
vulnerability VCID-ev4k-5k1d-2bhu
15
vulnerability VCID-fdnw-2tz5-4fdr
16
vulnerability VCID-fqkx-v8t5-q3h6
17
vulnerability VCID-gpv4-4tpd-tbaa
18
vulnerability VCID-h7cg-64er-uya9
19
vulnerability VCID-hp99-ncuh-6ugv
20
vulnerability VCID-hsw8-nbs6-auaa
21
vulnerability VCID-hyx9-8ae6-sba8
22
vulnerability VCID-j8sh-5evd-dkaz
23
vulnerability VCID-jp1p-rfxa-hyd9
24
vulnerability VCID-jq5y-7h9g-mufa
25
vulnerability VCID-jqe4-8hzb-mfea
26
vulnerability VCID-jwb1-3sbg-kfa5
27
vulnerability VCID-mctp-nf36-7qdn
28
vulnerability VCID-njsj-bwjq-fyap
29
vulnerability VCID-p576-w7dd-p3h7
30
vulnerability VCID-p7gd-anw2-1qbz
31
vulnerability VCID-qcnh-z4zh-myaw
32
vulnerability VCID-sy7r-d6pv-yba9
33
vulnerability VCID-teby-zvvw-zkhv
34
vulnerability VCID-tgyt-axv1-c7ag
35
vulnerability VCID-tzpj-j3x1-ekgk
36
vulnerability VCID-u5he-6tqb-gqaf
37
vulnerability VCID-uq77-aax5-k7d8
38
vulnerability VCID-vq15-t92r-5bhx
39
vulnerability VCID-xh68-defe-f7ce
40
vulnerability VCID-xvyu-2hb8-8ufh
41
vulnerability VCID-xw1s-93bu-wuh9
42
vulnerability VCID-ygw4-jdqu-4fbt
43
vulnerability VCID-yz6t-ge1y-qfgr
44
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.15
2
url pkg:composer/typo3/cms@8.5.1
purl pkg:composer/typo3/cms@8.5.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sw-6x9k-vued
1
vulnerability VCID-11u3-8xzy-jfhh
2
vulnerability VCID-1ffs-9vj5-27hk
3
vulnerability VCID-28fn-ncj5-2ufk
4
vulnerability VCID-2rhr-8vaz-hqfj
5
vulnerability VCID-2rmv-a83x-9ka8
6
vulnerability VCID-39vn-73mc-jqav
7
vulnerability VCID-3ugj-6m1e-e3hr
8
vulnerability VCID-4eym-e6vt-8fbs
9
vulnerability VCID-5k47-9k7t-rqak
10
vulnerability VCID-5u2f-5zzf-j3e4
11
vulnerability VCID-66kh-c1dm-8fbf
12
vulnerability VCID-66ru-n2df-b3ay
13
vulnerability VCID-7ch1-q9f4-a7bt
14
vulnerability VCID-7m6u-k5tp-gkhy
15
vulnerability VCID-848u-w88s-5bbe
16
vulnerability VCID-94r9-hh4g-jkej
17
vulnerability VCID-953t-q1cr-zyd6
18
vulnerability VCID-9726-hafj-wkay
19
vulnerability VCID-9saf-w56y-pugz
20
vulnerability VCID-9yu1-z7c2-t3fj
21
vulnerability VCID-abjx-8v46-d7d8
22
vulnerability VCID-am6s-67bm-77dr
23
vulnerability VCID-bn3p-39sv-6fdg
24
vulnerability VCID-buj5-2t53-3kcr
25
vulnerability VCID-d6c2-upx1-e7cd
26
vulnerability VCID-dsqm-9q3e-dudw
27
vulnerability VCID-e564-zdku-9fc6
28
vulnerability VCID-emqq-kwjg-3kfk
29
vulnerability VCID-ev4k-5k1d-2bhu
30
vulnerability VCID-f319-jpf5-hyex
31
vulnerability VCID-f837-rs5d-jbbp
32
vulnerability VCID-fdnw-2tz5-4fdr
33
vulnerability VCID-fpa2-ffg1-fyaa
34
vulnerability VCID-fqkc-utex-3kav
35
vulnerability VCID-fqkx-v8t5-q3h6
36
vulnerability VCID-fut7-bb1f-37g7
37
vulnerability VCID-gpv4-4tpd-tbaa
38
vulnerability VCID-h7cg-64er-uya9
39
vulnerability VCID-hg2n-xera-jkdh
40
vulnerability VCID-hknp-f88a-kqec
41
vulnerability VCID-hp99-ncuh-6ugv
42
vulnerability VCID-hsw8-nbs6-auaa
43
vulnerability VCID-hyx9-8ae6-sba8
44
vulnerability VCID-j8hk-bqnb-gycp
45
vulnerability VCID-j8sh-5evd-dkaz
46
vulnerability VCID-je4q-svfw-hqda
47
vulnerability VCID-jp1p-rfxa-hyd9
48
vulnerability VCID-jq5y-7h9g-mufa
49
vulnerability VCID-jqe4-8hzb-mfea
50
vulnerability VCID-jwb1-3sbg-kfa5
51
vulnerability VCID-k5t3-28es-h3ez
52
vulnerability VCID-khpm-e1xb-hydb
53
vulnerability VCID-mctp-nf36-7qdn
54
vulnerability VCID-njsj-bwjq-fyap
55
vulnerability VCID-nney-azbc-pucg
56
vulnerability VCID-p576-w7dd-p3h7
57
vulnerability VCID-p7gd-anw2-1qbz
58
vulnerability VCID-pmvp-twk2-jqe4
59
vulnerability VCID-q2ym-y2rz-1bdn
60
vulnerability VCID-q52p-xfj8-gygd
61
vulnerability VCID-q7vt-19eb-sqeq
62
vulnerability VCID-qcnh-z4zh-myaw
63
vulnerability VCID-qdxh-arxx-wbcr
64
vulnerability VCID-qv14-m93d-jyd9
65
vulnerability VCID-qxab-9uwr-yqhv
66
vulnerability VCID-rqrw-t2kj-mud8
67
vulnerability VCID-ru6w-m6q6-27gn
68
vulnerability VCID-sdjb-gp4t-vbgt
69
vulnerability VCID-sdsa-mh76-kqch
70
vulnerability VCID-sy7r-d6pv-yba9
71
vulnerability VCID-teby-zvvw-zkhv
72
vulnerability VCID-tzpj-j3x1-ekgk
73
vulnerability VCID-u259-2sxq-tbct
74
vulnerability VCID-u5he-6tqb-gqaf
75
vulnerability VCID-u6as-cwxc-pkhk
76
vulnerability VCID-uq77-aax5-k7d8
77
vulnerability VCID-vq15-t92r-5bhx
78
vulnerability VCID-vw2r-g8yy-eyf4
79
vulnerability VCID-w1wb-mq2y-dfca
80
vulnerability VCID-w483-prq4-rycx
81
vulnerability VCID-wat8-4m83-hken
82
vulnerability VCID-wy45-2gmr-fkfg
83
vulnerability VCID-x5x1-w7yv-eye9
84
vulnerability VCID-xh68-defe-f7ce
85
vulnerability VCID-xvyu-2hb8-8ufh
86
vulnerability VCID-xw1s-93bu-wuh9
87
vulnerability VCID-y7ds-p5r2-yuhq
88
vulnerability VCID-ygw4-jdqu-4fbt
89
vulnerability VCID-yh6b-tc4u-v3bk
90
vulnerability VCID-yz6t-ge1y-qfgr
91
vulnerability VCID-zgfw-pk39-gyg8
92
vulnerability VCID-zmwv-gwq3-fkej
93
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.5.1
aliases GHSA-g4pf-3jvq-2gcw
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4wnp-gusy-43b8
1
url VCID-h7hf-sf2q-73ay
vulnerability_id VCID-h7hf-sf2q-73ay
summary 
Code Injection
Remote Code Execution in third party library swiftmailer.
references
0
reference_url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-001/
reference_id
reference_type
scores
url https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-001/
fixed_packages
0
url pkg:composer/typo3/cms@6.2.30
purl pkg:composer/typo3/cms@6.2.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ev4k-5k1d-2bhu
1
vulnerability VCID-fqkx-v8t5-q3h6
2
vulnerability VCID-nqqc-nkwq-rqhx
3
vulnerability VCID-p7gd-anw2-1qbz
4
vulnerability VCID-tgyt-axv1-c7ag
5
vulnerability VCID-vq15-t92r-5bhx
6
vulnerability VCID-xw1s-93bu-wuh9
7
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.30
1
url pkg:composer/typo3/cms@7.0.0
purl pkg:composer/typo3/cms@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ef6-uy9t-mqcu
1
vulnerability VCID-1u4r-r97q-3yfk
2
vulnerability VCID-28fn-ncj5-2ufk
3
vulnerability VCID-2f2m-tcjn-fyby
4
vulnerability VCID-2rhr-8vaz-hqfj
5
vulnerability VCID-2rmv-a83x-9ka8
6
vulnerability VCID-3ugj-6m1e-e3hr
7
vulnerability VCID-5ru2-1n1f-afa4
8
vulnerability VCID-66kh-c1dm-8fbf
9
vulnerability VCID-6u6t-uy5y-5fd6
10
vulnerability VCID-7n9x-c9gs-9yb3
11
vulnerability VCID-953t-q1cr-zyd6
12
vulnerability VCID-9899-uxyb-73gg
13
vulnerability VCID-abjx-8v46-d7d8
14
vulnerability VCID-ansr-8m5j-pya6
15
vulnerability VCID-c57c-akce-xufq
16
vulnerability VCID-cgqm-1wwf-kbg6
17
vulnerability VCID-dsqm-9q3e-dudw
18
vulnerability VCID-dwjk-7sqh-hqa8
19
vulnerability VCID-dyhd-5p1e-fya6
20
vulnerability VCID-e1gr-txgg-fqa6
21
vulnerability VCID-e1ms-4r4s-g7e7
22
vulnerability VCID-e2bk-pfbe-puek
23
vulnerability VCID-e82x-2cdb-7fgn
24
vulnerability VCID-ec17-eauu-67d3
25
vulnerability VCID-ev4k-5k1d-2bhu
26
vulnerability VCID-fdnw-2tz5-4fdr
27
vulnerability VCID-fqkx-v8t5-q3h6
28
vulnerability VCID-gpv4-4tpd-tbaa
29
vulnerability VCID-hm4k-wbq3-r7ej
30
vulnerability VCID-hp99-ncuh-6ugv
31
vulnerability VCID-hsw8-nbs6-auaa
32
vulnerability VCID-hyx9-8ae6-sba8
33
vulnerability VCID-j6x1-dfre-2bdq
34
vulnerability VCID-jp1p-rfxa-hyd9
35
vulnerability VCID-jq5y-7h9g-mufa
36
vulnerability VCID-jwb1-3sbg-kfa5
37
vulnerability VCID-jx9x-wxwq-5khx
38
vulnerability VCID-n18b-qe5x-z7cj
39
vulnerability VCID-nhjv-nke2-2kf8
40
vulnerability VCID-njsj-bwjq-fyap
41
vulnerability VCID-nqqc-nkwq-rqhx
42
vulnerability VCID-p576-w7dd-p3h7
43
vulnerability VCID-p7gd-anw2-1qbz
44
vulnerability VCID-q5f3-nhjn-hyb4
45
vulnerability VCID-qcnh-z4zh-myaw
46
vulnerability VCID-qek9-g3h8-nfdz
47
vulnerability VCID-r6hu-hvdh-abb1
48
vulnerability VCID-rae3-cugy-hbh5
49
vulnerability VCID-rs13-zf7b-mka7
50
vulnerability VCID-teby-zvvw-zkhv
51
vulnerability VCID-tzpj-j3x1-ekgk
52
vulnerability VCID-u6h1-ccgw-jqds
53
vulnerability VCID-ub3e-hrb1-wqac
54
vulnerability VCID-uq77-aax5-k7d8
55
vulnerability VCID-vq15-t92r-5bhx
56
vulnerability VCID-w65h-8a9d-ckgj
57
vulnerability VCID-wms8-dnuz-b3hc
58
vulnerability VCID-xvyu-2hb8-8ufh
59
vulnerability VCID-xw1s-93bu-wuh9
60
vulnerability VCID-ys6f-g39p-fkfc
61
vulnerability VCID-yz6t-ge1y-qfgr
62
vulnerability VCID-zru2-9g25-77dc
63
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.0.0
2
url pkg:composer/typo3/cms@7.6.15
purl pkg:composer/typo3/cms@7.6.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28fn-ncj5-2ufk
1
vulnerability VCID-2rhr-8vaz-hqfj
2
vulnerability VCID-2rmv-a83x-9ka8
3
vulnerability VCID-3ugj-6m1e-e3hr
4
vulnerability VCID-5u2f-5zzf-j3e4
5
vulnerability VCID-66kh-c1dm-8fbf
6
vulnerability VCID-66ru-n2df-b3ay
7
vulnerability VCID-953t-q1cr-zyd6
8
vulnerability VCID-9726-hafj-wkay
9
vulnerability VCID-9bep-jsfw-x3gn
10
vulnerability VCID-9saf-w56y-pugz
11
vulnerability VCID-abjx-8v46-d7d8
12
vulnerability VCID-dsqm-9q3e-dudw
13
vulnerability VCID-e564-zdku-9fc6
14
vulnerability VCID-ev4k-5k1d-2bhu
15
vulnerability VCID-fdnw-2tz5-4fdr
16
vulnerability VCID-fqkx-v8t5-q3h6
17
vulnerability VCID-gpv4-4tpd-tbaa
18
vulnerability VCID-h7cg-64er-uya9
19
vulnerability VCID-hp99-ncuh-6ugv
20
vulnerability VCID-hsw8-nbs6-auaa
21
vulnerability VCID-hyx9-8ae6-sba8
22
vulnerability VCID-j8sh-5evd-dkaz
23
vulnerability VCID-jp1p-rfxa-hyd9
24
vulnerability VCID-jq5y-7h9g-mufa
25
vulnerability VCID-jqe4-8hzb-mfea
26
vulnerability VCID-jwb1-3sbg-kfa5
27
vulnerability VCID-mctp-nf36-7qdn
28
vulnerability VCID-njsj-bwjq-fyap
29
vulnerability VCID-p576-w7dd-p3h7
30
vulnerability VCID-p7gd-anw2-1qbz
31
vulnerability VCID-qcnh-z4zh-myaw
32
vulnerability VCID-sy7r-d6pv-yba9
33
vulnerability VCID-teby-zvvw-zkhv
34
vulnerability VCID-tgyt-axv1-c7ag
35
vulnerability VCID-tzpj-j3x1-ekgk
36
vulnerability VCID-u5he-6tqb-gqaf
37
vulnerability VCID-uq77-aax5-k7d8
38
vulnerability VCID-vq15-t92r-5bhx
39
vulnerability VCID-xh68-defe-f7ce
40
vulnerability VCID-xvyu-2hb8-8ufh
41
vulnerability VCID-xw1s-93bu-wuh9
42
vulnerability VCID-ygw4-jdqu-4fbt
43
vulnerability VCID-yz6t-ge1y-qfgr
44
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.15
3
url pkg:composer/typo3/cms@8.5.0
purl pkg:composer/typo3/cms@8.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sw-6x9k-vued
1
vulnerability VCID-11u3-8xzy-jfhh
2
vulnerability VCID-1ffs-9vj5-27hk
3
vulnerability VCID-28fn-ncj5-2ufk
4
vulnerability VCID-2rhr-8vaz-hqfj
5
vulnerability VCID-2rmv-a83x-9ka8
6
vulnerability VCID-39vn-73mc-jqav
7
vulnerability VCID-3ugj-6m1e-e3hr
8
vulnerability VCID-4eym-e6vt-8fbs
9
vulnerability VCID-4wnp-gusy-43b8
10
vulnerability VCID-5k47-9k7t-rqak
11
vulnerability VCID-5u2f-5zzf-j3e4
12
vulnerability VCID-66kh-c1dm-8fbf
13
vulnerability VCID-66ru-n2df-b3ay
14
vulnerability VCID-7ch1-q9f4-a7bt
15
vulnerability VCID-7m6u-k5tp-gkhy
16
vulnerability VCID-848u-w88s-5bbe
17
vulnerability VCID-94r9-hh4g-jkej
18
vulnerability VCID-953t-q1cr-zyd6
19
vulnerability VCID-9726-hafj-wkay
20
vulnerability VCID-9saf-w56y-pugz
21
vulnerability VCID-9yu1-z7c2-t3fj
22
vulnerability VCID-abjx-8v46-d7d8
23
vulnerability VCID-am6s-67bm-77dr
24
vulnerability VCID-bn3p-39sv-6fdg
25
vulnerability VCID-buj5-2t53-3kcr
26
vulnerability VCID-d6c2-upx1-e7cd
27
vulnerability VCID-dsqm-9q3e-dudw
28
vulnerability VCID-e564-zdku-9fc6
29
vulnerability VCID-emqq-kwjg-3kfk
30
vulnerability VCID-ev4k-5k1d-2bhu
31
vulnerability VCID-f319-jpf5-hyex
32
vulnerability VCID-f837-rs5d-jbbp
33
vulnerability VCID-fdnw-2tz5-4fdr
34
vulnerability VCID-fpa2-ffg1-fyaa
35
vulnerability VCID-fqkc-utex-3kav
36
vulnerability VCID-fqkx-v8t5-q3h6
37
vulnerability VCID-fut7-bb1f-37g7
38
vulnerability VCID-gpv4-4tpd-tbaa
39
vulnerability VCID-h7cg-64er-uya9
40
vulnerability VCID-hg2n-xera-jkdh
41
vulnerability VCID-hknp-f88a-kqec
42
vulnerability VCID-hp99-ncuh-6ugv
43
vulnerability VCID-hsw8-nbs6-auaa
44
vulnerability VCID-hyx9-8ae6-sba8
45
vulnerability VCID-j8hk-bqnb-gycp
46
vulnerability VCID-j8sh-5evd-dkaz
47
vulnerability VCID-je4q-svfw-hqda
48
vulnerability VCID-jp1p-rfxa-hyd9
49
vulnerability VCID-jq5y-7h9g-mufa
50
vulnerability VCID-jqe4-8hzb-mfea
51
vulnerability VCID-jwb1-3sbg-kfa5
52
vulnerability VCID-k5t3-28es-h3ez
53
vulnerability VCID-khpm-e1xb-hydb
54
vulnerability VCID-mctp-nf36-7qdn
55
vulnerability VCID-njsj-bwjq-fyap
56
vulnerability VCID-nney-azbc-pucg
57
vulnerability VCID-p576-w7dd-p3h7
58
vulnerability VCID-p7gd-anw2-1qbz
59
vulnerability VCID-pmvp-twk2-jqe4
60
vulnerability VCID-q2ym-y2rz-1bdn
61
vulnerability VCID-q52p-xfj8-gygd
62
vulnerability VCID-q7vt-19eb-sqeq
63
vulnerability VCID-qcnh-z4zh-myaw
64
vulnerability VCID-qdxh-arxx-wbcr
65
vulnerability VCID-qv14-m93d-jyd9
66
vulnerability VCID-qxab-9uwr-yqhv
67
vulnerability VCID-rqrw-t2kj-mud8
68
vulnerability VCID-ru6w-m6q6-27gn
69
vulnerability VCID-sdjb-gp4t-vbgt
70
vulnerability VCID-sdsa-mh76-kqch
71
vulnerability VCID-sy7r-d6pv-yba9
72
vulnerability VCID-teby-zvvw-zkhv
73
vulnerability VCID-tzpj-j3x1-ekgk
74
vulnerability VCID-u259-2sxq-tbct
75
vulnerability VCID-u5he-6tqb-gqaf
76
vulnerability VCID-u6as-cwxc-pkhk
77
vulnerability VCID-uq77-aax5-k7d8
78
vulnerability VCID-vq15-t92r-5bhx
79
vulnerability VCID-vw2r-g8yy-eyf4
80
vulnerability VCID-w1wb-mq2y-dfca
81
vulnerability VCID-w483-prq4-rycx
82
vulnerability VCID-wat8-4m83-hken
83
vulnerability VCID-wy45-2gmr-fkfg
84
vulnerability VCID-x5x1-w7yv-eye9
85
vulnerability VCID-xh68-defe-f7ce
86
vulnerability VCID-xvyu-2hb8-8ufh
87
vulnerability VCID-xw1s-93bu-wuh9
88
vulnerability VCID-y7ds-p5r2-yuhq
89
vulnerability VCID-ygw4-jdqu-4fbt
90
vulnerability VCID-yh6b-tc4u-v3bk
91
vulnerability VCID-yz6t-ge1y-qfgr
92
vulnerability VCID-zgfw-pk39-gyg8
93
vulnerability VCID-zmwv-gwq3-fkej
94
vulnerability VCID-zybp-mb3d-jyee
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.5.0
aliases GMS-2017-347
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h7hf-sf2q-73ay
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.30