{"url":"http://public2.vulnerablecode.io/api/packages/62892?format=json","purl":"pkg:composer/typo3/cms@6.0.0","type":"composer","namespace":"typo3","name":"cms","version":"6.0.0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"10.4.35","latest_non_vulnerable_version":"12.2.0","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111441?format=json","vulnerability_id":"VCID-2f2m-tcjn-fyby","summary":"Typo3 Vulnerable to Cache Poisoning\n**Problem Description:** A request URL with arbitrary arguments, but still pointing to the home page of  a TYPO3 installation can be cached if the configuration option `config.prefixLocalAnchors` is used with the values \"all\" or \"cached\". The impact of this vulnerability is that unfamiliar looking links to the home page can end up in the cache, which leads to a reload of the page in the browser when section links are followed by web page visitors, instead of just directly jumping to the requested section of the page. TYPO3 versions 4.6.x and higher are only affected if the homepage is not a shortcut to a different page.\n\n**Solution:** Removing the configuration options `config.prefixLocalAnchors` (and optionally also config.baseUrl) in favor of `config.absRefPrefix`\n\n**Credits:** Thanks to Gernot Leitgab who discovered and reported the vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9509","reference_id":"","reference_type":"","scores":[{"value":"0.00633","scoring_system":"epss","scoring_elements":"0.70774","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00633","scoring_system":"epss","scoring_elements":"0.70797","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00633","scoring_system":"epss","scoring_elements":"0.70804","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00633","scoring_system":"epss","scoring_elements":"0.70787","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00633","scoring_system":"epss","scoring_elements":"0.70755","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9509"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9509","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9509"},{"reference_url":"http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003"},{"reference_url":"http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/","reference_id":"","reference_type":"","scores":[],"url":"http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/"},{"reference_url":"https://github.com/advisories/GHSA-5479-gqqr-f9gj","reference_id":"GHSA-5479-gqqr-f9gj","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5479-gqqr-f9gj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/152638?format=json","purl":"pkg:composer/typo3/cms@6.0.15","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/152640?format=json","purl":"pkg:composer/typo3/cms@6.1.13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.13"},{"url":"http://public2.vulnerablecode.io/api/packages/52098?format=json","purl":"pkg:composer/typo3/cms@6.2.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efr-h9gq-r7h1"},{"vulnerability":"VCID-1u4r-r97q-3yfk"},{"vulnerability":"VCID-1usv-hs5c-akb2"},{"vulnerability":"VCID-2r7u-mc45-8yhe"},{"vulnerability":"VCID-39jx-muqb-nkfq"},{"vulnerability":"VCID-4wnp-gusy-43b8"},{"vulnerability":"VCID-5dxs-cdht-27hw"},{"vulnerability":"VCID-5hm4-ms5p-uuae"},{"vulnerability":"VCID-5ppx-p8eq-mbgk"},{"vulnerability":"VCID-5ru2-1n1f-afa4"},{"vulnerability":"VCID-6su8-bbrw-hbhp"},{"vulnerability":"VCID-727q-h3ey-6yc9"},{"vulnerability":"VCID-7n9x-c9gs-9yb3"},{"vulnerability":"VCID-83y4-7q4j-h7f8"},{"vulnerability":"VCID-8jcy-3kje-fqeh"},{"vulnerability":"VCID-8p64-6zpt-t3av"},{"vulnerability":"VCID-8vum-snng-jfcv"},{"vulnerability":"VCID-95wn-6r9b-q7et"},{"vulnerability":"VCID-9899-uxyb-73gg"},{"vulnerability":"VCID-ansr-8m5j-pya6"},{"vulnerability":"VCID-bstt-ybrs-5ua3"},{"vulnerability":"VCID-c57c-akce-xufq"},{"vulnerability":"VCID-cgqm-1wwf-kbg6"},{"vulnerability":"VCID-dd9u-w2y2-87h9"},{"vulnerability":"VCID-dw8z-wtph-skey"},{"vulnerability":"VCID-dwjk-7sqh-hqa8"},{"vulnerability":"VCID-dyhd-5p1e-fya6"},{"vulnerability":"VCID-e1gr-txgg-fqa6"},{"vulnerability":"VCID-e1ms-4r4s-g7e7"},{"vulnerability":"VCID-e2bk-pfbe-puek"},{"vulnerability":"VCID-e82x-2cdb-7fgn"},{"vulnerability":"VCID-ebku-sk43-m7bf"},{"vulnerability":"VCID-ec17-eauu-67d3"},{"vulnerability":"VCID-ekvp-u4kk-kqdd"},{"vulnerability":"VCID-eutz-mj58-audb"},{"vulnerability":"VCID-ev4k-5k1d-2bhu"},{"vulnerability":"VCID-exjy-5cyn-zfg1"},{"vulnerability":"VCID-fgqa-5fx9-nkaz"},{"vulnerability":"VCID-fqkx-v8t5-q3h6"},{"vulnerability":"VCID-g7mm-vjbw-bbhd"},{"vulnerability":"VCID-g9ns-sxkx-aqh1"},{"vulnerability":"VCID-gbdn-7ce2-zuf7"},{"vulnerability":"VCID-h217-xe8x-nua3"},{"vulnerability":"VCID-h7hf-sf2q-73ay"},{"vulnerability":"VCID-hm4k-wbq3-r7ej"},{"vulnerability":"VCID-huxd-2e6q-abak"},{"vulnerability":"VCID-hzma-cduk-3uhp"},{"vulnerability":"VCID-j6x1-dfre-2bdq"},{"vulnerability":"VCID-jbkw-4x2d-fqcp"},{"vulnerability":"VCID-jenc-czvj-g3gw"},{"vulnerability":"VCID-jeqr-9tfu-f7b2"},{"vulnerability":"VCID-jf28-91be-6kbr"},{"vulnerability":"VCID-jmea-qzsr-wkf4"},{"vulnerability":"VCID-jn38-wfec-7bb2"},{"vulnerability":"VCID-kj76-rsr8-yqb3"},{"vulnerability":"VCID-kp2p-nbmg-ufen"},{"vulnerability":"VCID-kqu8-8c1n-73hr"},{"vulnerability":"VCID-ks1q-a8x2-uqht"},{"vulnerability":"VCID-m3nc-xbb4-yubr"},{"vulnerability":"VCID-n18b-qe5x-z7cj"},{"vulnerability":"VCID-n326-yy8y-xuap"},{"vulnerability":"VCID-nhjv-nke2-2kf8"},{"vulnerability":"VCID-nqqc-nkwq-rqhx"},{"vulnerability":"VCID-nvbp-pbjw-3qgx"},{"vulnerability":"VCID-p7gd-anw2-1qbz"},{"vulnerability":"VCID-q5f3-nhjn-hyb4"},{"vulnerability":"VCID-qek9-g3h8-nfdz"},{"vulnerability":"VCID-rae3-cugy-hbh5"},{"vulnerability":"VCID-rs13-zf7b-mka7"},{"vulnerability":"VCID-s4re-vww7-sugb"},{"vulnerability":"VCID-s97a-nmk8-y3ay"},{"vulnerability":"VCID-sdz8-hju8-4bcb"},{"vulnerability":"VCID-sn8n-mawq-3uht"},{"vulnerability":"VCID-tgyt-axv1-c7ag"},{"vulnerability":"VCID-u37d-tqqe-n7d4"},{"vulnerability":"VCID-u4tq-8qnk-5fd7"},{"vulnerability":"VCID-u6h1-ccgw-jqds"},{"vulnerability":"VCID-ub3e-hrb1-wqac"},{"vulnerability":"VCID-v2qy-dbf2-bffn"},{"vulnerability":"VCID-vq15-t92r-5bhx"},{"vulnerability":"VCID-w58p-3wg1-7ycr"},{"vulnerability":"VCID-w65h-8a9d-ckgj"},{"vulnerability":"VCID-wk4s-4bcd-2yb5"},{"vulnerability":"VCID-wms8-dnuz-b3hc"},{"vulnerability":"VCID-x175-xjek-97ds"},{"vulnerability":"VCID-xpxg-qq49-b7fd"},{"vulnerability":"VCID-xt7m-u9eb-fyd9"},{"vulnerability":"VCID-xw1s-93bu-wuh9"},{"vulnerability":"VCID-y1ap-y4az-x7ec"},{"vulnerability":"VCID-yn6z-9v7k-x7br"},{"vulnerability":"VCID-ys6f-g39p-fkfc"},{"vulnerability":"VCID-zhvz-jzf3-2uac"},{"vulnerability":"VCID-zru2-9g25-77dc"},{"vulnerability":"VCID-zrz3-3dnf-tbay"},{"vulnerability":"VCID-zybp-mb3d-jyee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.9"},{"url":"http://public2.vulnerablecode.io/api/packages/52099?format=json","purl":"pkg:composer/typo3/cms@7.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1u4r-r97q-3yfk"},{"vulnerability":"VCID-28fn-ncj5-2ufk"},{"vulnerability":"VCID-2rhr-8vaz-hqfj"},{"vulnerability":"VCID-2rmv-a83x-9ka8"},{"vulnerability":"VCID-3ugj-6m1e-e3hr"},{"vulnerability":"VCID-5hm4-ms5p-uuae"},{"vulnerability":"VCID-5ru2-1n1f-afa4"},{"vulnerability":"VCID-66kh-c1dm-8fbf"},{"vulnerability":"VCID-7n9x-c9gs-9yb3"},{"vulnerability":"VCID-8jcy-3kje-fqeh"},{"vulnerability":"VCID-953t-q1cr-zyd6"},{"vulnerability":"VCID-9899-uxyb-73gg"},{"vulnerability":"VCID-abjx-8v46-d7d8"},{"vulnerability":"VCID-ansr-8m5j-pya6"},{"vulnerability":"VCID-c57c-akce-xufq"},{"vulnerability":"VCID-cgqm-1wwf-kbg6"},{"vulnerability":"VCID-dsqm-9q3e-dudw"},{"vulnerability":"VCID-dwjk-7sqh-hqa8"},{"vulnerability":"VCID-dyhd-5p1e-fya6"},{"vulnerability":"VCID-e1gr-txgg-fqa6"},{"vulnerability":"VCID-e1ms-4r4s-g7e7"},{"vulnerability":"VCID-e2bk-pfbe-puek"},{"vulnerability":"VCID-e82x-2cdb-7fgn"},{"vulnerability":"VCID-ec17-eauu-67d3"},{"vulnerability":"VCID-ev4k-5k1d-2bhu"},{"vulnerability":"VCID-fdnw-2tz5-4fdr"},{"vulnerability":"VCID-fqkx-v8t5-q3h6"},{"vulnerability":"VCID-gpv4-4tpd-tbaa"},{"vulnerability":"VCID-hm4k-wbq3-r7ej"},{"vulnerability":"VCID-hp99-ncuh-6ugv"},{"vulnerability":"VCID-hsw8-nbs6-auaa"},{"vulnerability":"VCID-hyx9-8ae6-sba8"},{"vulnerability":"VCID-j6x1-dfre-2bdq"},{"vulnerability":"VCID-jp1p-rfxa-hyd9"},{"vulnerability":"VCID-jq5y-7h9g-mufa"},{"vulnerability":"VCID-jwb1-3sbg-kfa5"},{"vulnerability":"VCID-n18b-qe5x-z7cj"},{"vulnerability":"VCID-nhjv-nke2-2kf8"},{"vulnerability":"VCID-njsj-bwjq-fyap"},{"vulnerability":"VCID-nqqc-nkwq-rqhx"},{"vulnerability":"VCID-p576-w7dd-p3h7"},{"vulnerability":"VCID-p7gd-anw2-1qbz"},{"vulnerability":"VCID-q5f3-nhjn-hyb4"},{"vulnerability":"VCID-qcnh-z4zh-myaw"},{"vulnerability":"VCID-qek9-g3h8-nfdz"},{"vulnerability":"VCID-rae3-cugy-hbh5"},{"vulnerability":"VCID-rs13-zf7b-mka7"},{"vulnerability":"VCID-teby-zvvw-zkhv"},{"vulnerability":"VCID-tzpj-j3x1-ekgk"},{"vulnerability":"VCID-u6h1-ccgw-jqds"},{"vulnerability":"VCID-ub3e-hrb1-wqac"},{"vulnerability":"VCID-uq77-aax5-k7d8"},{"vulnerability":"VCID-vq15-t92r-5bhx"},{"vulnerability":"VCID-w65h-8a9d-ckgj"},{"vulnerability":"VCID-wms8-dnuz-b3hc"},{"vulnerability":"VCID-xvyu-2hb8-8ufh"},{"vulnerability":"VCID-xw1s-93bu-wuh9"},{"vulnerability":"VCID-ys6f-g39p-fkfc"},{"vulnerability":"VCID-yz6t-ge1y-qfgr"},{"vulnerability":"VCID-zru2-9g25-77dc"},{"vulnerability":"VCID-zybp-mb3d-jyee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.0.2"}],"aliases":["CVE-2014-9509","GHSA-5479-gqqr-f9gj"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2f2m-tcjn-fyby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37919?format=json","vulnerability_id":"VCID-c57c-akce-xufq","summary":"Cross-Site Scripting Vulnerability\nIt has been discovered, that it is possible to forge a link to a backend module, which contains a JavaScript payload. This JavaScript is executed, if an authenticated editor with access to the module follows the link that, is tricked to click on a certain HTML target. Because TYPO3 include a secret token unknown to an attacker in every URL, an exploit would not be feasible for these versions.","references":[{"reference_url":"http://packetstormsecurity.com/files/133551/Typo3-CMS-6.2.14-4.5.40-Cross-Site-Scripting.html","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/133551/Typo3-CMS-6.2.14-4.5.40-Cross-Site-Scripting.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5956","reference_id":"","reference_type":"","scores":[{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37844","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.3791","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37879","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37817","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37908","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5956"},{"reference_url":"http://seclists.org/fulldisclosure/2015/Sep/57","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2015/Sep/57"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2015-5956.yaml","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2015-5956.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5956","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5956"},{"reference_url":"https://review.typo3.org/#/c/43122/","reference_id":"","reference_type":"","scores":[],"url":"https://review.typo3.org/#/c/43122/"},{"reference_url":"https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009"},{"reference_url":"https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009/","reference_id":"","reference_type":"","scores":[],"url":"https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009/"},{"reference_url":"http://www.securityfocus.com/archive/1/536464/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/archive/1/536464/100/0/threaded"},{"reference_url":"http://www.securitytracker.com/id/1033551","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securitytracker.com/id/1033551"},{"reference_url":"https://github.com/advisories/GHSA-989h-wv8x-933p","reference_id":"GHSA-989h-wv8x-933p","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-989h-wv8x-933p"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52366?format=json","purl":"pkg:composer/typo3/cms@6.2.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1efr-h9gq-r7h1"},{"vulnerability":"VCID-1usv-hs5c-akb2"},{"vulnerability":"VCID-2r7u-mc45-8yhe"},{"vulnerability":"VCID-39jx-muqb-nkfq"},{"vulnerability":"VCID-4wnp-gusy-43b8"},{"vulnerability":"VCID-5dxs-cdht-27hw"},{"vulnerability":"VCID-5hm4-ms5p-uuae"},{"vulnerability":"VCID-5ppx-p8eq-mbgk"},{"vulnerability":"VCID-6su8-bbrw-hbhp"},{"vulnerability":"VCID-727q-h3ey-6yc9"},{"vulnerability":"VCID-83y4-7q4j-h7f8"},{"vulnerability":"VCID-8jcy-3kje-fqeh"},{"vulnerability":"VCID-8p64-6zpt-t3av"},{"vulnerability":"VCID-8vum-snng-jfcv"},{"vulnerability":"VCID-95wn-6r9b-q7et"},{"vulnerability":"VCID-ansr-8m5j-pya6"},{"vulnerability":"VCID-bstt-ybrs-5ua3"},{"vulnerability":"VCID-dd9u-w2y2-87h9"},{"vulnerability":"VCID-dw8z-wtph-skey"},{"vulnerability":"VCID-e1ms-4r4s-g7e7"},{"vulnerability":"VCID-e2bk-pfbe-puek"},{"vulnerability":"VCID-e82x-2cdb-7fgn"},{"vulnerability":"VCID-ebku-sk43-m7bf"},{"vulnerability":"VCID-ekvp-u4kk-kqdd"},{"vulnerability":"VCID-eutz-mj58-audb"},{"vulnerability":"VCID-ev4k-5k1d-2bhu"},{"vulnerability":"VCID-exjy-5cyn-zfg1"},{"vulnerability":"VCID-fgqa-5fx9-nkaz"},{"vulnerability":"VCID-fqkx-v8t5-q3h6"},{"vulnerability":"VCID-g7mm-vjbw-bbhd"},{"vulnerability":"VCID-g9ns-sxkx-aqh1"},{"vulnerability":"VCID-gbdn-7ce2-zuf7"},{"vulnerability":"VCID-h217-xe8x-nua3"},{"vulnerability":"VCID-h7hf-sf2q-73ay"},{"vulnerability":"VCID-hm4k-wbq3-r7ej"},{"vulnerability":"VCID-huxd-2e6q-abak"},{"vulnerability":"VCID-hzma-cduk-3uhp"},{"vulnerability":"VCID-jbkw-4x2d-fqcp"},{"vulnerability":"VCID-jenc-czvj-g3gw"},{"vulnerability":"VCID-jeqr-9tfu-f7b2"},{"vulnerability":"VCID-jf28-91be-6kbr"},{"vulnerability":"VCID-jmea-qzsr-wkf4"},{"vulnerability":"VCID-jn38-wfec-7bb2"},{"vulnerability":"VCID-kj76-rsr8-yqb3"},{"vulnerability":"VCID-kp2p-nbmg-ufen"},{"vulnerability":"VCID-kqu8-8c1n-73hr"},{"vulnerability":"VCID-ks1q-a8x2-uqht"},{"vulnerability":"VCID-m3nc-xbb4-yubr"},{"vulnerability":"VCID-n18b-qe5x-z7cj"},{"vulnerability":"VCID-n326-yy8y-xuap"},{"vulnerability":"VCID-nhjv-nke2-2kf8"},{"vulnerability":"VCID-nqqc-nkwq-rqhx"},{"vulnerability":"VCID-nvbp-pbjw-3qgx"},{"vulnerability":"VCID-p7gd-anw2-1qbz"},{"vulnerability":"VCID-qek9-g3h8-nfdz"},{"vulnerability":"VCID-rs13-zf7b-mka7"},{"vulnerability":"VCID-s4re-vww7-sugb"},{"vulnerability":"VCID-s97a-nmk8-y3ay"},{"vulnerability":"VCID-sdz8-hju8-4bcb"},{"vulnerability":"VCID-sn8n-mawq-3uht"},{"vulnerability":"VCID-tgyt-axv1-c7ag"},{"vulnerability":"VCID-u37d-tqqe-n7d4"},{"vulnerability":"VCID-u4tq-8qnk-5fd7"},{"vulnerability":"VCID-u6h1-ccgw-jqds"},{"vulnerability":"VCID-ub3e-hrb1-wqac"},{"vulnerability":"VCID-v2qy-dbf2-bffn"},{"vulnerability":"VCID-vq15-t92r-5bhx"},{"vulnerability":"VCID-w58p-3wg1-7ycr"},{"vulnerability":"VCID-wk4s-4bcd-2yb5"},{"vulnerability":"VCID-wms8-dnuz-b3hc"},{"vulnerability":"VCID-x175-xjek-97ds"},{"vulnerability":"VCID-xpxg-qq49-b7fd"},{"vulnerability":"VCID-xt7m-u9eb-fyd9"},{"vulnerability":"VCID-xw1s-93bu-wuh9"},{"vulnerability":"VCID-y1ap-y4az-x7ec"},{"vulnerability":"VCID-yn6z-9v7k-x7br"},{"vulnerability":"VCID-zhvz-jzf3-2uac"},{"vulnerability":"VCID-zrz3-3dnf-tbay"},{"vulnerability":"VCID-zybp-mb3d-jyee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.15"},{"url":"http://public2.vulnerablecode.io/api/packages/52367?format=json","purl":"pkg:composer/typo3/cms@7.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-28fn-ncj5-2ufk"},{"vulnerability":"VCID-2rhr-8vaz-hqfj"},{"vulnerability":"VCID-2rmv-a83x-9ka8"},{"vulnerability":"VCID-3ugj-6m1e-e3hr"},{"vulnerability":"VCID-5hm4-ms5p-uuae"},{"vulnerability":"VCID-66kh-c1dm-8fbf"},{"vulnerability":"VCID-8jcy-3kje-fqeh"},{"vulnerability":"VCID-953t-q1cr-zyd6"},{"vulnerability":"VCID-abjx-8v46-d7d8"},{"vulnerability":"VCID-ansr-8m5j-pya6"},{"vulnerability":"VCID-dsqm-9q3e-dudw"},{"vulnerability":"VCID-e1ms-4r4s-g7e7"},{"vulnerability":"VCID-e2bk-pfbe-puek"},{"vulnerability":"VCID-e82x-2cdb-7fgn"},{"vulnerability":"VCID-ev4k-5k1d-2bhu"},{"vulnerability":"VCID-fdnw-2tz5-4fdr"},{"vulnerability":"VCID-fqkx-v8t5-q3h6"},{"vulnerability":"VCID-gpv4-4tpd-tbaa"},{"vulnerability":"VCID-hm4k-wbq3-r7ej"},{"vulnerability":"VCID-hp99-ncuh-6ugv"},{"vulnerability":"VCID-hsw8-nbs6-auaa"},{"vulnerability":"VCID-hyx9-8ae6-sba8"},{"vulnerability":"VCID-jp1p-rfxa-hyd9"},{"vulnerability":"VCID-jq5y-7h9g-mufa"},{"vulnerability":"VCID-jwb1-3sbg-kfa5"},{"vulnerability":"VCID-n18b-qe5x-z7cj"},{"vulnerability":"VCID-nhjv-nke2-2kf8"},{"vulnerability":"VCID-njsj-bwjq-fyap"},{"vulnerability":"VCID-p576-w7dd-p3h7"},{"vulnerability":"VCID-p7gd-anw2-1qbz"},{"vulnerability":"VCID-qcnh-z4zh-myaw"},{"vulnerability":"VCID-qek9-g3h8-nfdz"},{"vulnerability":"VCID-rs13-zf7b-mka7"},{"vulnerability":"VCID-teby-zvvw-zkhv"},{"vulnerability":"VCID-tzpj-j3x1-ekgk"},{"vulnerability":"VCID-u6h1-ccgw-jqds"},{"vulnerability":"VCID-ub3e-hrb1-wqac"},{"vulnerability":"VCID-uq77-aax5-k7d8"},{"vulnerability":"VCID-vq15-t92r-5bhx"},{"vulnerability":"VCID-wms8-dnuz-b3hc"},{"vulnerability":"VCID-xvyu-2hb8-8ufh"},{"vulnerability":"VCID-xw1s-93bu-wuh9"},{"vulnerability":"VCID-yz6t-ge1y-qfgr"},{"vulnerability":"VCID-zybp-mb3d-jyee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.4.0"}],"aliases":["CVE-2015-5956","GHSA-989h-wv8x-933p"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c57c-akce-xufq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111722?format=json","vulnerability_id":"VCID-fmx7-p3ap-xfgh","summary":"TYPO3 doesn't properly check file extensions\nThe (1) file upload component and (2) File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.8 and 6.1.x before 6.1.3 do not properly check file extensions, which allow remote authenticated editors to execute arbitrary PHP code by uploading a .php file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4250","reference_id":"","reference_type":"","scores":[{"value":"0.00391","scoring_system":"epss","scoring_elements":"0.60481","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00391","scoring_system":"epss","scoring_elements":"0.60458","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00391","scoring_system":"epss","scoring_elements":"0.60506","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00391","scoring_system":"epss","scoring_elements":"0.60509","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00391","scoring_system":"epss","scoring_elements":"0.60498","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4250"},{"reference_url":"https://github.com/TYPO3/typo3","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/TYPO3/typo3"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4250","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4250"},{"reference_url":"https://typo3.org/security/advisory/typo3-core-sa-2013-002","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://typo3.org/security/advisory/typo3-core-sa-2013-002"},{"reference_url":"https://github.com/advisories/GHSA-54jj-pxx2-pv8h","reference_id":"GHSA-54jj-pxx2-pv8h","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-54jj-pxx2-pv8h"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/153740?format=json","purl":"pkg:composer/typo3/cms@6.0.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.0.8"},{"url":"http://public2.vulnerablecode.io/api/packages/153741?format=json","purl":"pkg:composer/typo3/cms@6.1.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.3"}],"aliases":["CVE-2013-4250","GHSA-54jj-pxx2-pv8h"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fmx7-p3ap-xfgh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112338?format=json","vulnerability_id":"VCID-j4zg-ekjr-jycg","summary":"TYPO3 Cross-Site Scripting (XSS) vulnerabilities in Content Editing Wizards component\nMultiple cross-site scripting (XSS) vulnerabilities in Content Editing Wizards in TYPO3 4.5.x before 4.5.32, 4.7.x before 4.7.17, 6.0.x before 6.0.12, 6.1.x before 6.1.7, and the development versions of 6.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters.","references":[{"reference_url":"http://osvdb.org/100881","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://osvdb.org/100881"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7074","reference_id":"","reference_type":"","scores":[{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56624","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56639","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56651","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56645","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56593","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7074"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7074","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7074"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7075","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7075"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7076","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7076"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7078","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7078"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7079"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7080","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7080"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7081","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7081"},{"reference_url":"http://seclists.org/oss-sec/2013/q4/473","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/oss-sec/2013/q4/473"},{"reference_url":"http://seclists.org/oss-sec/2013/q4/487","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/oss-sec/2013/q4/487"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/89620","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/89620"},{"reference_url":"https://github.com/TYPO3/typo3","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/TYPO3/typo3"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-7074","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-7074"},{"reference_url":"http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004"},{"reference_url":"http://www.debian.org/security/2014/dsa-2834","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2014/dsa-2834"},{"reference_url":"http://www.securityfocus.com/bid/64245","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/64245"},{"reference_url":"https://github.com/advisories/GHSA-r8m7-792j-5jvq","reference_id":"GHSA-r8m7-792j-5jvq","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r8m7-792j-5jvq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/63486?format=json","purl":"pkg:composer/typo3/cms@6.0.12","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.0.12"},{"url":"http://public2.vulnerablecode.io/api/packages/63487?format=json","purl":"pkg:composer/typo3/cms@6.1.7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.7"}],"aliases":["CVE-2013-7074","GHSA-r8m7-792j-5jvq"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j4zg-ekjr-jycg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111462?format=json","vulnerability_id":"VCID-jppr-qkg2-ebc9","summary":"TYPO3 vulnerable to Insecure Unserialize via Content Editing Wizards component\nThe Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated backend users to unserialize arbitrary PHP objects, delete arbitrary files, and possibly have other unspecified impacts via an unspecified parameter, related to a \"missing signature.\"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7075","reference_id":"","reference_type":"","scores":[{"value":"0.00408","scoring_system":"epss","scoring_elements":"0.61556","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00408","scoring_system":"epss","scoring_elements":"0.61536","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00408","scoring_system":"epss","scoring_elements":"0.61551","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00408","scoring_system":"epss","scoring_elements":"0.61563","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00408","scoring_system":"epss","scoring_elements":"0.61507","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7075"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7074","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7074"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7075","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7075"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7076","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7076"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7078","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7078"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7079"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7080","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7080"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7081","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7081"},{"reference_url":"http://seclists.org/oss-sec/2013/q4/473","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/oss-sec/2013/q4/473"},{"reference_url":"https://github.com/TYPO3/typo3","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/TYPO3/typo3"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-7075","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-7075"},{"reference_url":"http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004"},{"reference_url":"http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/","reference_id":"","reference_type":"","scores":[],"url":"http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/"},{"reference_url":"http://www.debian.org/security/2014/dsa-2834","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2014/dsa-2834"},{"reference_url":"https://github.com/advisories/GHSA-47ww-mq32-g4xw","reference_id":"GHSA-47ww-mq32-g4xw","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-47ww-mq32-g4xw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/63486?format=json","purl":"pkg:composer/typo3/cms@6.0.12","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.0.12"},{"url":"http://public2.vulnerablecode.io/api/packages/63487?format=json","purl":"pkg:composer/typo3/cms@6.1.7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.7"}],"aliases":["CVE-2013-7075","GHSA-47ww-mq32-g4xw"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jppr-qkg2-ebc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44139?format=json","vulnerability_id":"VCID-nx7p-v66a-vfg1","summary":"TYPO3 vulnerable to Information Disclosure via Content Editing Wizards component\nThe Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 does not check permissions, which allows remote authenticated editors to read arbitrary TYPO3 table columns via unspecified parameters.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00028.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00028.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-08/msg00083.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2016-08/msg00083.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-08/msg00106.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2016-08/msg00106.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7073","reference_id":"","reference_type":"","scores":[{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.51156","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.5114","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.51201","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.51207","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.51185","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7074","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7074"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7075","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7075"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7076","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7076"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7078","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7078"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7079"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7080","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7080"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7081","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7081"},{"reference_url":"http://seclists.org/oss-sec/2013/q4/473","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/oss-sec/2013/q4/473"},{"reference_url":"http://seclists.org/oss-sec/2013/q4/487","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/oss-sec/2013/q4/487"},{"reference_url":"https://github.com/TYPO3/typo3","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/TYPO3/typo3"},{"reference_url":"http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004"},{"reference_url":"http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/","reference_id":"","reference_type":"","scores":[],"url":"http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/"},{"reference_url":"http://www.debian.org/security/2014/dsa-2834","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2014/dsa-2834"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-7073","reference_id":"CVE-2013-7073","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-7073"},{"reference_url":"https://github.com/advisories/GHSA-4rpv-g4gq-rh4m","reference_id":"GHSA-4rpv-g4gq-rh4m","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4rpv-g4gq-rh4m"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/63486?format=json","purl":"pkg:composer/typo3/cms@6.0.12","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.0.12"},{"url":"http://public2.vulnerablecode.io/api/packages/63487?format=json","purl":"pkg:composer/typo3/cms@6.1.7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.7"}],"aliases":["CVE-2013-7073","GHSA-4rpv-g4gq-rh4m"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nx7p-v66a-vfg1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43798?format=json","vulnerability_id":"VCID-wasp-gawc-cbca","summary":"TYPO3 Color Picker Wizard component allows remote authenticated editors to execute arbitrary PHP code\nThe Color Picker Wizard component in TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, and 6.1.0 before 6.1.9 allows remote authenticated editors to execute arbitrary PHP code via a serialized PHP object.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-06/msg00037.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2014-06/msg00037.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3942","reference_id":"","reference_type":"","scores":[{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63635","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63644","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63636","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63624","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63594","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3943","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3943"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3944","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3944"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3946"},{"reference_url":"https://github.com/TYPO3/typo3","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/TYPO3/typo3"},{"reference_url":"https://typo3.org/security/advisory/typo3-core-sa-2014-001","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://typo3.org/security/advisory/typo3-core-sa-2014-001"},{"reference_url":"http://www.debian.org/security/2014/dsa-2942","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2014/dsa-2942"},{"reference_url":"http://www.openwall.com/lists/oss-security/2014/06/03/2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2014/06/03/2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3942","reference_id":"CVE-2014-3942","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3942"},{"reference_url":"https://github.com/advisories/GHSA-55g3-fjwm-w2c8","reference_id":"GHSA-55g3-fjwm-w2c8","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-55g3-fjwm-w2c8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62896?format=json","purl":"pkg:composer/typo3/cms@6.0.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f2m-tcjn-fyby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.0.14"},{"url":"http://public2.vulnerablecode.io/api/packages/62897?format=json","purl":"pkg:composer/typo3/cms@6.1.9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.9"}],"aliases":["CVE-2014-3942","GHSA-55g3-fjwm-w2c8"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wasp-gawc-cbca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43930?format=json","vulnerability_id":"VCID-yphc-ujay-7fcs","summary":"Typo3 Host Header Spoofing Vulnerability\nTYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allows remote attackers to have unspecified impact via a crafted HTTP Host header, related to \"Host Spoofing.\"","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00028.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00028.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-06/msg00037.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2014-06/msg00037.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-08/msg00083.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2016-08/msg00083.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3941","reference_id":"","reference_type":"","scores":[{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51253","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51269","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.5132","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51314","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51299","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3943","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3943"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3944","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3944"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3946"},{"reference_url":"https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001"},{"reference_url":"http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001"},{"reference_url":"http://www.debian.org/security/2014/dsa-2942","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2014/dsa-2942"},{"reference_url":"http://www.openwall.com/lists/oss-security/2014/06/03/2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2014/06/03/2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3941","reference_id":"CVE-2014-3941","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3941"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2014-3941.yaml","reference_id":"CVE-2014-3941.YAML","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2014-3941.yaml"},{"reference_url":"https://github.com/advisories/GHSA-594h-cx6w-p4jf","reference_id":"GHSA-594h-cx6w-p4jf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-594h-cx6w-p4jf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62896?format=json","purl":"pkg:composer/typo3/cms@6.0.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f2m-tcjn-fyby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.0.14"},{"url":"http://public2.vulnerablecode.io/api/packages/62897?format=json","purl":"pkg:composer/typo3/cms@6.1.9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.9"},{"url":"http://public2.vulnerablecode.io/api/packages/51878?format=json","purl":"pkg:composer/typo3/cms@6.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ef6-uy9t-mqcu"},{"vulnerability":"VCID-1efr-h9gq-r7h1"},{"vulnerability":"VCID-1u4r-r97q-3yfk"},{"vulnerability":"VCID-1usv-hs5c-akb2"},{"vulnerability":"VCID-2f2m-tcjn-fyby"},{"vulnerability":"VCID-2r7u-mc45-8yhe"},{"vulnerability":"VCID-39jx-muqb-nkfq"},{"vulnerability":"VCID-3ump-aca5-g7b6"},{"vulnerability":"VCID-4wnp-gusy-43b8"},{"vulnerability":"VCID-5dxs-cdht-27hw"},{"vulnerability":"VCID-5hm4-ms5p-uuae"},{"vulnerability":"VCID-5ppx-p8eq-mbgk"},{"vulnerability":"VCID-5ru2-1n1f-afa4"},{"vulnerability":"VCID-6su8-bbrw-hbhp"},{"vulnerability":"VCID-6u6t-uy5y-5fd6"},{"vulnerability":"VCID-727q-h3ey-6yc9"},{"vulnerability":"VCID-7n9x-c9gs-9yb3"},{"vulnerability":"VCID-83y4-7q4j-h7f8"},{"vulnerability":"VCID-8jcy-3kje-fqeh"},{"vulnerability":"VCID-8p64-6zpt-t3av"},{"vulnerability":"VCID-8vum-snng-jfcv"},{"vulnerability":"VCID-95wn-6r9b-q7et"},{"vulnerability":"VCID-9899-uxyb-73gg"},{"vulnerability":"VCID-a1kt-str6-rqec"},{"vulnerability":"VCID-ansr-8m5j-pya6"},{"vulnerability":"VCID-bstt-ybrs-5ua3"},{"vulnerability":"VCID-c57c-akce-xufq"},{"vulnerability":"VCID-cgqm-1wwf-kbg6"},{"vulnerability":"VCID-dd9u-w2y2-87h9"},{"vulnerability":"VCID-dw8z-wtph-skey"},{"vulnerability":"VCID-dwjk-7sqh-hqa8"},{"vulnerability":"VCID-dyhd-5p1e-fya6"},{"vulnerability":"VCID-e1gr-txgg-fqa6"},{"vulnerability":"VCID-e1ms-4r4s-g7e7"},{"vulnerability":"VCID-e2bk-pfbe-puek"},{"vulnerability":"VCID-e82x-2cdb-7fgn"},{"vulnerability":"VCID-ebku-sk43-m7bf"},{"vulnerability":"VCID-ec17-eauu-67d3"},{"vulnerability":"VCID-ekvp-u4kk-kqdd"},{"vulnerability":"VCID-eutz-mj58-audb"},{"vulnerability":"VCID-ev4k-5k1d-2bhu"},{"vulnerability":"VCID-exjy-5cyn-zfg1"},{"vulnerability":"VCID-fgn1-hswd-ekdf"},{"vulnerability":"VCID-fgqa-5fx9-nkaz"},{"vulnerability":"VCID-fqkx-v8t5-q3h6"},{"vulnerability":"VCID-g7mm-vjbw-bbhd"},{"vulnerability":"VCID-g9ns-sxkx-aqh1"},{"vulnerability":"VCID-gbdn-7ce2-zuf7"},{"vulnerability":"VCID-h217-xe8x-nua3"},{"vulnerability":"VCID-h7hf-sf2q-73ay"},{"vulnerability":"VCID-hm4k-wbq3-r7ej"},{"vulnerability":"VCID-huxd-2e6q-abak"},{"vulnerability":"VCID-hzma-cduk-3uhp"},{"vulnerability":"VCID-j6x1-dfre-2bdq"},{"vulnerability":"VCID-jbkw-4x2d-fqcp"},{"vulnerability":"VCID-jenc-czvj-g3gw"},{"vulnerability":"VCID-jeqr-9tfu-f7b2"},{"vulnerability":"VCID-jf28-91be-6kbr"},{"vulnerability":"VCID-jmea-qzsr-wkf4"},{"vulnerability":"VCID-jn38-wfec-7bb2"},{"vulnerability":"VCID-jx9x-wxwq-5khx"},{"vulnerability":"VCID-kj76-rsr8-yqb3"},{"vulnerability":"VCID-kp2p-nbmg-ufen"},{"vulnerability":"VCID-kqu8-8c1n-73hr"},{"vulnerability":"VCID-ks1q-a8x2-uqht"},{"vulnerability":"VCID-m3nc-xbb4-yubr"},{"vulnerability":"VCID-n18b-qe5x-z7cj"},{"vulnerability":"VCID-n326-yy8y-xuap"},{"vulnerability":"VCID-nhjv-nke2-2kf8"},{"vulnerability":"VCID-nqqc-nkwq-rqhx"},{"vulnerability":"VCID-nvbp-pbjw-3qgx"},{"vulnerability":"VCID-p7gd-anw2-1qbz"},{"vulnerability":"VCID-q5f3-nhjn-hyb4"},{"vulnerability":"VCID-qek9-g3h8-nfdz"},{"vulnerability":"VCID-r6hu-hvdh-abb1"},{"vulnerability":"VCID-rae3-cugy-hbh5"},{"vulnerability":"VCID-rs13-zf7b-mka7"},{"vulnerability":"VCID-s4re-vww7-sugb"},{"vulnerability":"VCID-s97a-nmk8-y3ay"},{"vulnerability":"VCID-sdz8-hju8-4bcb"},{"vulnerability":"VCID-sn8n-mawq-3uht"},{"vulnerability":"VCID-tgyt-axv1-c7ag"},{"vulnerability":"VCID-u37d-tqqe-n7d4"},{"vulnerability":"VCID-u4tq-8qnk-5fd7"},{"vulnerability":"VCID-u6h1-ccgw-jqds"},{"vulnerability":"VCID-ub3e-hrb1-wqac"},{"vulnerability":"VCID-v2qy-dbf2-bffn"},{"vulnerability":"VCID-vq15-t92r-5bhx"},{"vulnerability":"VCID-w58p-3wg1-7ycr"},{"vulnerability":"VCID-w65h-8a9d-ckgj"},{"vulnerability":"VCID-wk4s-4bcd-2yb5"},{"vulnerability":"VCID-wms8-dnuz-b3hc"},{"vulnerability":"VCID-x175-xjek-97ds"},{"vulnerability":"VCID-xpxg-qq49-b7fd"},{"vulnerability":"VCID-xt7m-u9eb-fyd9"},{"vulnerability":"VCID-xw1s-93bu-wuh9"},{"vulnerability":"VCID-y1ap-y4az-x7ec"},{"vulnerability":"VCID-yn6z-9v7k-x7br"},{"vulnerability":"VCID-ys6f-g39p-fkfc"},{"vulnerability":"VCID-zhvz-jzf3-2uac"},{"vulnerability":"VCID-zpxz-291y-x3c7"},{"vulnerability":"VCID-zru2-9g25-77dc"},{"vulnerability":"VCID-zrz3-3dnf-tbay"},{"vulnerability":"VCID-zybp-mb3d-jyee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.3"}],"aliases":["CVE-2014-3941","GHSA-594h-cx6w-p4jf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yphc-ujay-7fcs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43975?format=json","vulnerability_id":"VCID-zqe5-53je-mfaw","summary":"Typo3 XSS Vulnerabilities\nMultiple cross-site scripting (XSS) vulnerabilities in unspecified backend components in TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allow remote authenticated editors to inject arbitrary web script or HTML via unknown parameters.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-06/msg00037.html","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2014-06/msg00037.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3943","reference_id":"","reference_type":"","scores":[{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43151","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43198","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43206","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43123","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43186","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3943"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3943","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3943"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3944","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3944"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3946"},{"reference_url":"https://typo3.org/security/advisory/typo3-core-sa-2014-001","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://typo3.org/security/advisory/typo3-core-sa-2014-001"},{"reference_url":"https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001"},{"reference_url":"https://web.archive.org/web/20200229060129/http://www.securityfocus.com/bid/67625","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200229060129/http://www.securityfocus.com/bid/67625"},{"reference_url":"http://www.debian.org/security/2014/dsa-2942","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2014/dsa-2942"},{"reference_url":"http://www.openwall.com/lists/oss-security/2014/06/03/2","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2014/06/03/2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3943","reference_id":"CVE-2014-3943","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3943"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2014-3943.yaml","reference_id":"CVE-2014-3943.YAML","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2014-3943.yaml"},{"reference_url":"https://github.com/advisories/GHSA-qqh2-h6gw-6x8x","reference_id":"GHSA-qqh2-h6gw-6x8x","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qqh2-h6gw-6x8x"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62896?format=json","purl":"pkg:composer/typo3/cms@6.0.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f2m-tcjn-fyby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.0.14"},{"url":"http://public2.vulnerablecode.io/api/packages/62897?format=json","purl":"pkg:composer/typo3/cms@6.1.9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.9"},{"url":"http://public2.vulnerablecode.io/api/packages/51878?format=json","purl":"pkg:composer/typo3/cms@6.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ef6-uy9t-mqcu"},{"vulnerability":"VCID-1efr-h9gq-r7h1"},{"vulnerability":"VCID-1u4r-r97q-3yfk"},{"vulnerability":"VCID-1usv-hs5c-akb2"},{"vulnerability":"VCID-2f2m-tcjn-fyby"},{"vulnerability":"VCID-2r7u-mc45-8yhe"},{"vulnerability":"VCID-39jx-muqb-nkfq"},{"vulnerability":"VCID-3ump-aca5-g7b6"},{"vulnerability":"VCID-4wnp-gusy-43b8"},{"vulnerability":"VCID-5dxs-cdht-27hw"},{"vulnerability":"VCID-5hm4-ms5p-uuae"},{"vulnerability":"VCID-5ppx-p8eq-mbgk"},{"vulnerability":"VCID-5ru2-1n1f-afa4"},{"vulnerability":"VCID-6su8-bbrw-hbhp"},{"vulnerability":"VCID-6u6t-uy5y-5fd6"},{"vulnerability":"VCID-727q-h3ey-6yc9"},{"vulnerability":"VCID-7n9x-c9gs-9yb3"},{"vulnerability":"VCID-83y4-7q4j-h7f8"},{"vulnerability":"VCID-8jcy-3kje-fqeh"},{"vulnerability":"VCID-8p64-6zpt-t3av"},{"vulnerability":"VCID-8vum-snng-jfcv"},{"vulnerability":"VCID-95wn-6r9b-q7et"},{"vulnerability":"VCID-9899-uxyb-73gg"},{"vulnerability":"VCID-a1kt-str6-rqec"},{"vulnerability":"VCID-ansr-8m5j-pya6"},{"vulnerability":"VCID-bstt-ybrs-5ua3"},{"vulnerability":"VCID-c57c-akce-xufq"},{"vulnerability":"VCID-cgqm-1wwf-kbg6"},{"vulnerability":"VCID-dd9u-w2y2-87h9"},{"vulnerability":"VCID-dw8z-wtph-skey"},{"vulnerability":"VCID-dwjk-7sqh-hqa8"},{"vulnerability":"VCID-dyhd-5p1e-fya6"},{"vulnerability":"VCID-e1gr-txgg-fqa6"},{"vulnerability":"VCID-e1ms-4r4s-g7e7"},{"vulnerability":"VCID-e2bk-pfbe-puek"},{"vulnerability":"VCID-e82x-2cdb-7fgn"},{"vulnerability":"VCID-ebku-sk43-m7bf"},{"vulnerability":"VCID-ec17-eauu-67d3"},{"vulnerability":"VCID-ekvp-u4kk-kqdd"},{"vulnerability":"VCID-eutz-mj58-audb"},{"vulnerability":"VCID-ev4k-5k1d-2bhu"},{"vulnerability":"VCID-exjy-5cyn-zfg1"},{"vulnerability":"VCID-fgn1-hswd-ekdf"},{"vulnerability":"VCID-fgqa-5fx9-nkaz"},{"vulnerability":"VCID-fqkx-v8t5-q3h6"},{"vulnerability":"VCID-g7mm-vjbw-bbhd"},{"vulnerability":"VCID-g9ns-sxkx-aqh1"},{"vulnerability":"VCID-gbdn-7ce2-zuf7"},{"vulnerability":"VCID-h217-xe8x-nua3"},{"vulnerability":"VCID-h7hf-sf2q-73ay"},{"vulnerability":"VCID-hm4k-wbq3-r7ej"},{"vulnerability":"VCID-huxd-2e6q-abak"},{"vulnerability":"VCID-hzma-cduk-3uhp"},{"vulnerability":"VCID-j6x1-dfre-2bdq"},{"vulnerability":"VCID-jbkw-4x2d-fqcp"},{"vulnerability":"VCID-jenc-czvj-g3gw"},{"vulnerability":"VCID-jeqr-9tfu-f7b2"},{"vulnerability":"VCID-jf28-91be-6kbr"},{"vulnerability":"VCID-jmea-qzsr-wkf4"},{"vulnerability":"VCID-jn38-wfec-7bb2"},{"vulnerability":"VCID-jx9x-wxwq-5khx"},{"vulnerability":"VCID-kj76-rsr8-yqb3"},{"vulnerability":"VCID-kp2p-nbmg-ufen"},{"vulnerability":"VCID-kqu8-8c1n-73hr"},{"vulnerability":"VCID-ks1q-a8x2-uqht"},{"vulnerability":"VCID-m3nc-xbb4-yubr"},{"vulnerability":"VCID-n18b-qe5x-z7cj"},{"vulnerability":"VCID-n326-yy8y-xuap"},{"vulnerability":"VCID-nhjv-nke2-2kf8"},{"vulnerability":"VCID-nqqc-nkwq-rqhx"},{"vulnerability":"VCID-nvbp-pbjw-3qgx"},{"vulnerability":"VCID-p7gd-anw2-1qbz"},{"vulnerability":"VCID-q5f3-nhjn-hyb4"},{"vulnerability":"VCID-qek9-g3h8-nfdz"},{"vulnerability":"VCID-r6hu-hvdh-abb1"},{"vulnerability":"VCID-rae3-cugy-hbh5"},{"vulnerability":"VCID-rs13-zf7b-mka7"},{"vulnerability":"VCID-s4re-vww7-sugb"},{"vulnerability":"VCID-s97a-nmk8-y3ay"},{"vulnerability":"VCID-sdz8-hju8-4bcb"},{"vulnerability":"VCID-sn8n-mawq-3uht"},{"vulnerability":"VCID-tgyt-axv1-c7ag"},{"vulnerability":"VCID-u37d-tqqe-n7d4"},{"vulnerability":"VCID-u4tq-8qnk-5fd7"},{"vulnerability":"VCID-u6h1-ccgw-jqds"},{"vulnerability":"VCID-ub3e-hrb1-wqac"},{"vulnerability":"VCID-v2qy-dbf2-bffn"},{"vulnerability":"VCID-vq15-t92r-5bhx"},{"vulnerability":"VCID-w58p-3wg1-7ycr"},{"vulnerability":"VCID-w65h-8a9d-ckgj"},{"vulnerability":"VCID-wk4s-4bcd-2yb5"},{"vulnerability":"VCID-wms8-dnuz-b3hc"},{"vulnerability":"VCID-x175-xjek-97ds"},{"vulnerability":"VCID-xpxg-qq49-b7fd"},{"vulnerability":"VCID-xt7m-u9eb-fyd9"},{"vulnerability":"VCID-xw1s-93bu-wuh9"},{"vulnerability":"VCID-y1ap-y4az-x7ec"},{"vulnerability":"VCID-yn6z-9v7k-x7br"},{"vulnerability":"VCID-ys6f-g39p-fkfc"},{"vulnerability":"VCID-zhvz-jzf3-2uac"},{"vulnerability":"VCID-zpxz-291y-x3c7"},{"vulnerability":"VCID-zru2-9g25-77dc"},{"vulnerability":"VCID-zrz3-3dnf-tbay"},{"vulnerability":"VCID-zybp-mb3d-jyee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.3"}],"aliases":["CVE-2014-3943","GHSA-qqh2-h6gw-6x8x"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zqe5-53je-mfaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112195?format=json","vulnerability_id":"VCID-zsxp-jm33-tfah","summary":"TYPO3 vulnerable to remote authenticated arbitrary code execution\nThe File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.9 and 6.1.x before 6.1.4 allows remote authenticated editors to execute arbitrary PHP code via unspecified characters in the file extension when renaming a file.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4250.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4321","reference_id":"","reference_type":"","scores":[{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65749","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65708","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65761","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65773","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.6576","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4321"},{"reference_url":"https://github.com/TYPO3/typo3","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/TYPO3/typo3"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4321","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4321"},{"reference_url":"https://typo3.org/security/advisory/typo3-core-sa-2013-003","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://typo3.org/security/advisory/typo3-core-sa-2013-003"},{"reference_url":"https://github.com/advisories/GHSA-m76j-69c2-c3m8","reference_id":"GHSA-m76j-69c2-c3m8","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m76j-69c2-c3m8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/155223?format=json","purl":"pkg:composer/typo3/cms@6.0.9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/155225?format=json","purl":"pkg:composer/typo3/cms@6.1.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.1.4"}],"aliases":["CVE-2013-4321","GHSA-m76j-69c2-c3m8"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zsxp-jm33-tfah"}],"fixing_vulnerabilities":[],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.0.0"}