High severityNVD Advisory· Published Jul 1, 2013· Updated Apr 29, 2026
CVE-2013-4748
CVE-2013-4748
Description
SQL injection vulnerability in the News system (news) extension before 1.3.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
georgringer/newsPackagist | < 1.3.3 | 1.3.3 |
Affected products
2Patches
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-001/nvdVendor Advisory
- github.com/advisories/GHSA-rg6g-v4xm-g49qghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2013-4748ghsaADVISORY
- typo3.org/extensions/repository/view/newsnvdWEB
- exchange.xforce.ibmcloud.com/vulnerabilities/81192nvdWEB
- web.archive.org/web/20130214093535/http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-001ghsaWEB
- osvdb.org/89134nvd
News mentions
0No linked articles in our index yet.