VulnerableCode Package Details - pkg:composer/typo3/cms@6.2.26

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-6bne-vnc6-wfe9	Cross-site Scripting Cross-Site Scripting vulnerability in typolinks.	2016-07-19-5
VCID-8a25-9af4-tyhk	Insecure Unserialize in TYPO3 Import/Export Failing to properly validate incoming import data, the Import/Export component is susceptible to insecure unserialize. To exploit this vulnerability a valid backend user account is needed.	GHSA-xvcp-33rc-j8gq
VCID-axg7-qg5u-kbg7	Cross-Site Scripting in TYPO3 Backend Failing to properly encode user input, some backend components are vulnerable to Cross-Site Scripting. A valid backend user account is needed to exploit this vulnerability.	GHSA-86r8-4g3w-7xjp
VCID-cdkv-3rbf-27ed	Information Disclosure in TYPO3 Backend.	2016-07-19-4
VCID-d2qd-qjn9-jffs	Cross-site Scripting Cross-Site Scripting in TYPO3 Backend.	2016-07-19-1
VCID-d381-rcq3-n3az	Information Disclosure in TYPO3 Backend The TYPO3 backend module stores the username of an authenticated backend user in its cache files. By guessing the file path to the cache files it is possible to receive valid backend usernames.	GHSA-vpr3-rc99-2wpr
VCID-dm6k-fzm6-sqbe	Cross-Site Scripting (XSS) vulnerability in typolinks All link fields within the TYPO3 installation are vulnerable to Cross-Site Scripting as authorized editors can insert data commands by using the url scheme "data:".	GHSA-p5c5-gmj4-g48f
VCID-j1nq-26xv-yff3	SQL Injection in TYPO3 Frontend Login Failing to properly escape user input, the frontend login component is vulnerable to SQL Injection. A valid frontend user account is needed to exploit this vulnerability.	GHSA-j86x-pjmr-9m6w
VCID-m3gb-henf-4uga	SQL Injection in TYPO3 Frontend Login.	2016-07-19-3
VCID-psu6-y6fc-nqh4	Deserialization of Untrusted Data Insecure Unserialize in TYPO3 Import/Export.	2016-07-19-2

Vulnerability

Summary

Aliases

VCID-6bne-vnc6-wfe9

Cross-site Scripting Cross-Site Scripting vulnerability in typolinks.

2016-07-19-5

VCID-8a25-9af4-tyhk

Insecure Unserialize in TYPO3 Import/Export Failing to properly validate incoming import data, the Import/Export component is susceptible to insecure unserialize. To exploit this vulnerability a valid backend user account is needed.

GHSA-xvcp-33rc-j8gq

VCID-axg7-qg5u-kbg7

Cross-Site Scripting in TYPO3 Backend Failing to properly encode user input, some backend components are vulnerable to Cross-Site Scripting. A valid backend user account is needed to exploit this vulnerability.

GHSA-86r8-4g3w-7xjp

VCID-cdkv-3rbf-27ed

Information Disclosure in TYPO3 Backend.

2016-07-19-4

VCID-d2qd-qjn9-jffs

Cross-site Scripting Cross-Site Scripting in TYPO3 Backend.

2016-07-19-1

VCID-d381-rcq3-n3az

Information Disclosure in TYPO3 Backend The TYPO3 backend module stores the username of an authenticated backend user in its cache files. By guessing the file path to the cache files it is possible to receive valid backend usernames.

GHSA-vpr3-rc99-2wpr

VCID-dm6k-fzm6-sqbe

Cross-Site Scripting (XSS) vulnerability in typolinks All link fields within the TYPO3 installation are vulnerable to Cross-Site Scripting as authorized editors can insert data commands by using the url scheme "data:".

GHSA-p5c5-gmj4-g48f

VCID-j1nq-26xv-yff3

SQL Injection in TYPO3 Frontend Login Failing to properly escape user input, the frontend login component is vulnerable to SQL Injection. A valid frontend user account is needed to exploit this vulnerability.

GHSA-j86x-pjmr-9m6w

VCID-m3gb-henf-4uga

SQL Injection in TYPO3 Frontend Login.

2016-07-19-3

VCID-psu6-y6fc-nqh4

Deserialization of Untrusted Data Insecure Unserialize in TYPO3 Import/Export.

2016-07-19-2

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-03T13:56:52.568398+00:00	GitLab Importer	Fixing	VCID-j1nq-26xv-yff3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/GHSA-j86x-pjmr-9m6w.yml	36.1.3
2025-07-03T13:56:52.354006+00:00	GitLab Importer	Fixing	VCID-dm6k-fzm6-sqbe	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/GHSA-p5c5-gmj4-g48f.yml	36.1.3
2025-07-03T13:56:52.250161+00:00	GitLab Importer	Fixing	VCID-d381-rcq3-n3az	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/GHSA-vpr3-rc99-2wpr.yml	36.1.3
2025-07-03T13:56:51.704528+00:00	GitLab Importer	Fixing	VCID-8a25-9af4-tyhk	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/GHSA-xvcp-33rc-j8gq.yml	36.1.3
2025-07-03T13:56:51.329621+00:00	GitLab Importer	Fixing	VCID-axg7-qg5u-kbg7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/GHSA-86r8-4g3w-7xjp.yml	36.1.3
2025-07-01T18:10:14.622752+00:00	GitLab Importer	Fixing	VCID-6bne-vnc6-wfe9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/2016-07-19-5.yml	36.1.3
2025-07-01T18:10:14.586397+00:00	GitLab Importer	Fixing	VCID-d2qd-qjn9-jffs	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/2016-07-19-1.yml	36.1.3
2025-07-01T18:10:14.528671+00:00	GitLab Importer	Fixing	VCID-m3gb-henf-4uga	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/2016-07-19-3.yml	36.1.3
2025-07-01T18:10:14.501826+00:00	GitLab Importer	Fixing	VCID-psu6-y6fc-nqh4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/2016-07-19-2.yml	36.1.3
2025-07-01T18:10:14.469064+00:00	GitLab Importer	Fixing	VCID-cdkv-3rbf-27ed	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/2016-07-19-4.yml	36.1.3
2025-07-01T14:35:05.743759+00:00	GHSA Importer	Fixing	VCID-dm6k-fzm6-sqbe	https://github.com/advisories/GHSA-p5c5-gmj4-g48f	36.1.3
2025-07-01T14:35:05.623476+00:00	GHSA Importer	Fixing	VCID-d381-rcq3-n3az	https://github.com/advisories/GHSA-vpr3-rc99-2wpr	36.1.3
2025-07-01T14:35:05.555623+00:00	GHSA Importer	Fixing	VCID-j1nq-26xv-yff3	https://github.com/advisories/GHSA-j86x-pjmr-9m6w	36.1.3
2025-07-01T14:35:05.473807+00:00	GHSA Importer	Fixing	VCID-8a25-9af4-tyhk	https://github.com/advisories/GHSA-xvcp-33rc-j8gq	36.1.3
2025-07-01T14:35:05.406983+00:00	GHSA Importer	Fixing	VCID-axg7-qg5u-kbg7	https://github.com/advisories/GHSA-86r8-4g3w-7xjp	36.1.3
2025-07-01T12:11:09.718982+00:00	GithubOSV Importer	Fixing	VCID-d381-rcq3-n3az	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/06/GHSA-vpr3-rc99-2wpr/GHSA-vpr3-rc99-2wpr.json	36.1.3
2025-07-01T12:11:08.612614+00:00	GithubOSV Importer	Fixing	VCID-dm6k-fzm6-sqbe	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/06/GHSA-p5c5-gmj4-g48f/GHSA-p5c5-gmj4-g48f.json	36.1.3
2025-07-01T12:11:03.089538+00:00	GithubOSV Importer	Fixing	VCID-j1nq-26xv-yff3	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/06/GHSA-j86x-pjmr-9m6w/GHSA-j86x-pjmr-9m6w.json	36.1.3
2025-07-01T12:11:00.482079+00:00	GithubOSV Importer	Fixing	VCID-axg7-qg5u-kbg7	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/06/GHSA-86r8-4g3w-7xjp/GHSA-86r8-4g3w-7xjp.json	36.1.3
2025-07-01T12:10:58.114143+00:00	GithubOSV Importer	Fixing	VCID-8a25-9af4-tyhk	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/06/GHSA-xvcp-33rc-j8gq/GHSA-xvcp-33rc-j8gq.json	36.1.3