Search for packages
| purl | pkg:composer/typo3/cms@6.2.25 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-a8wf-nz2q-s3gh | Missing Access Check in TYPO3 CMS Extbase request handling fails to implement a proper access check for requested controller/ action combinations, which makes it possible for an attacker to execute arbitrary Extbase actions by crafting a special request. To successfully exploit this vulnerability, an attacker must have access to at least one Extbase plugin or module action in a TYPO3 installation. The missing access check inevitably leads to information disclosure or remote code execution, depending on the action that an attacker is able to execute. |
GHSA-gwfx-p7mr-f92v
|
| VCID-aujs-m8j8-guh1 | Improper Access Control Missing Access Check in TYPO3 CMS. |
2016-05-24-1
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-07-03T13:56:51.919500+00:00 | GitLab Importer | Fixing | VCID-a8wf-nz2q-s3gh | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/GHSA-gwfx-p7mr-f92v.yml | 36.1.3 |
| 2025-07-01T18:10:13.130296+00:00 | GitLab Importer | Fixing | VCID-aujs-m8j8-guh1 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/2016-05-24-1.yml | 36.1.3 |
| 2025-07-01T14:35:05.522514+00:00 | GHSA Importer | Fixing | VCID-a8wf-nz2q-s3gh | https://github.com/advisories/GHSA-gwfx-p7mr-f92v | 36.1.3 |
| 2025-07-01T12:11:02.161531+00:00 | GithubOSV Importer | Fixing | VCID-a8wf-nz2q-s3gh | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/06/GHSA-gwfx-p7mr-f92v/GHSA-gwfx-p7mr-f92v.json | 36.1.3 |