VulnerableCode Package Details - pkg:composer/typo3/cms@7.6.11

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-bd6u-nca5-gyeu	Cross-Site Scripting (XSS) in TYPO3 Backend Failing to properly encode user input, the page module is vulnerable to Cross-Site Scripting. A valid backend user account with permissions to edit plugins is needed to exploit this vulnerability.	GHSA-hq37-rfjc-mr8h
VCID-f6sb-d831-u3fh	Failing to properly encode user input, the page module is vulnerable to Cross-Site Scripting. A valid backend user account with permissions to edit plugins is needed to exploit this vulnerability.	TYPO3-CORE-SA-2016-021
VCID-gb7f-4sm6-tkaw	Uncontrolled Resource Consumption Cache Flooding in TYPO3 Frontend.	2016-09-14-2
VCID-ky6n-ka2n-ayhu	Cache Flooding in Frontend Links with a valid cHash argument lead to newly generated page cache entries. Because the cHash is not bound to a specific page, attackers could use valid cHash arguments for multiple pages, leading to additional useless page cache entries. Depending on the number of pages in the system and the number of available valid links with a cHash, attackers could add a considerable amount of additional cache entries, which in the end exceed storage limits and thus could lead to the system not responding any more. This means the Cache Flooding attack potentially could lead to a successful Denial of Service (DoS) attack.	TYPO3-CORE-SA-2016-022
VCID-t352-87cy-4qhm	Cache Flooding in TYPO3 Frontend Links with a valid cHash argument lead to newly generated page cache entries. Because the cHash is not bound to a specific page, attackers could use valid cHash arguments for multiple pages, leading to additional useless page cache entries. Depending on the number of pages in the system and the number of available valid links with a cHash, attackers could add a considerable amount of additional cache entries, which in the end exceed storage limits and thus could lead to the system not responding any more. This means the Cache Flooding attack potentially could lead to a successful Denial of Service (DoS) attack.	GHSA-pw2q-qwvj-gh43
VCID-t7fe-ph2m-j3e5	Cross-site Scripting XSS in TYPO3 Backend.	2016-09-14-1

Vulnerability

Summary

Aliases

VCID-bd6u-nca5-gyeu

Cross-Site Scripting (XSS) in TYPO3 Backend Failing to properly encode user input, the page module is vulnerable to Cross-Site Scripting. A valid backend user account with permissions to edit plugins is needed to exploit this vulnerability.

GHSA-hq37-rfjc-mr8h

VCID-f6sb-d831-u3fh

Failing to properly encode user input, the page module is vulnerable to Cross-Site Scripting. A valid backend user account with permissions to edit plugins is needed to exploit this vulnerability.

TYPO3-CORE-SA-2016-021

VCID-gb7f-4sm6-tkaw

Uncontrolled Resource Consumption Cache Flooding in TYPO3 Frontend.

2016-09-14-2

VCID-ky6n-ka2n-ayhu

Cache Flooding in Frontend Links with a valid cHash argument lead to newly generated page cache entries. Because the cHash is not bound to a specific page, attackers could use valid cHash arguments for multiple pages, leading to additional useless page cache entries. Depending on the number of pages in the system and the number of available valid links with a cHash, attackers could add a considerable amount of additional cache entries, which in the end exceed storage limits and thus could lead to the system not responding any more. This means the Cache Flooding attack potentially could lead to a successful Denial of Service (DoS) attack.

TYPO3-CORE-SA-2016-022

VCID-t352-87cy-4qhm

Cache Flooding in TYPO3 Frontend Links with a valid cHash argument lead to newly generated page cache entries. Because the cHash is not bound to a specific page, attackers could use valid cHash arguments for multiple pages, leading to additional useless page cache entries. Depending on the number of pages in the system and the number of available valid links with a cHash, attackers could add a considerable amount of additional cache entries, which in the end exceed storage limits and thus could lead to the system not responding any more. This means the Cache Flooding attack potentially could lead to a successful Denial of Service (DoS) attack.

GHSA-pw2q-qwvj-gh43

VCID-t7fe-ph2m-j3e5

Cross-site Scripting XSS in TYPO3 Backend.

2016-09-14-1

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-03T13:56:52.848708+00:00	GitLab Importer	Fixing	VCID-bd6u-nca5-gyeu	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/GHSA-hq37-rfjc-mr8h.yml	36.1.3
2025-07-03T13:56:52.785688+00:00	GitLab Importer	Fixing	VCID-t352-87cy-4qhm	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/GHSA-pw2q-qwvj-gh43.yml	36.1.3
2025-07-01T18:10:15.746803+00:00	GitLab Importer	Fixing	VCID-f6sb-d831-u3fh	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/TYPO3-CORE-SA-2016-021.yml	36.1.3
2025-07-01T18:10:15.720220+00:00	GitLab Importer	Fixing	VCID-ky6n-ka2n-ayhu	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/TYPO3-CORE-SA-2016-022.yml	36.1.3
2025-07-01T18:10:14.303799+00:00	GitLab Importer	Fixing	VCID-gb7f-4sm6-tkaw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/2016-09-14-2.yml	36.1.3
2025-07-01T18:10:14.268779+00:00	GitLab Importer	Fixing	VCID-t7fe-ph2m-j3e5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/2016-09-14-1.yml	36.1.3
2025-07-01T14:35:06.186590+00:00	GHSA Importer	Fixing	VCID-t352-87cy-4qhm	https://github.com/advisories/GHSA-pw2q-qwvj-gh43	36.1.3
2025-07-01T14:35:05.712830+00:00	GHSA Importer	Fixing	VCID-bd6u-nca5-gyeu	https://github.com/advisories/GHSA-hq37-rfjc-mr8h	36.1.3
2025-07-01T12:11:03.654336+00:00	GithubOSV Importer	Fixing	VCID-bd6u-nca5-gyeu	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/06/GHSA-hq37-rfjc-mr8h/GHSA-hq37-rfjc-mr8h.json	36.1.3
2025-07-01T12:11:02.534541+00:00	GithubOSV Importer	Fixing	VCID-t352-87cy-4qhm	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/06/GHSA-pw2q-qwvj-gh43/GHSA-pw2q-qwvj-gh43.json	36.1.3