Packagist (Composer) package
kitodo/presentation
pkg:composer/kitodo/presentation
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-24980 | — | < 2.3.2 | 2.3.2 | Feb 19, 2022 | An issue was discovered in the Kitodo.Presentation (aka dif) extension before 2.3.2, 3.x before 3.2.3, and 3.3.x before 3.3.4 for TYPO3. A missing access check in an eID script allows an unauthenticated user to submit arbitrary URLs to this component. This results in SSRF, allowi | ||
| CVE-2020-16095 | — | < 3.1.2 | 3.1.2 | Jul 29, 2020 | The dlf (aka Kitodo.Presentation) extension before 3.1.2 for TYPO3 allows XSS. |
- CVE-2022-24980Feb 19, 2022affected < 2.3.2fixed 2.3.2
An issue was discovered in the Kitodo.Presentation (aka dif) extension before 2.3.2, 3.x before 3.2.3, and 3.3.x before 3.3.4 for TYPO3. A missing access check in an eID script allows an unauthenticated user to submit arbitrary URLs to this component. This results in SSRF, allowi
- CVE-2020-16095Jul 29, 2020affected < 3.1.2fixed 3.1.2
The dlf (aka Kitodo.Presentation) extension before 3.1.2 for TYPO3 allows XSS.