Moderate severityNVD Advisory· Published Aug 13, 2021· Updated Aug 4, 2024
CVE-2021-36785
CVE-2021-36785
Description
The miniorange_saml (aka Miniorange Saml) extension before 1.4.3 for TYPO3 allows XSS.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
miniorange/miniorange-samlPackagist | < 1.4.3 | 1.4.3 |
Affected products
2- TYPO3/miniorange_samldescription
Patches
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
5- github.com/advisories/GHSA-jj8r-p9f5-fmvvghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-36785ghsaADVISORY
- github.com/miniOrangeDev/miniorange-saml-typo3-sso/commit/1fe2802267ffe1b48823d9d8b3a496c870a0af48ghsaWEB
- typo3.org/help/security-advisories/securityghsax_refsource_MISCWEB
- typo3.org/security/advisory/typo3-ext-sa-2021-011ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.