Packagist (Composer) package
typo3/cms-backend
pkg:composer/typo3/cms-backend
Vulnerabilities (22)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2009-3628 | — | <= 4.0.13 | — | Nov 2, 2009 | The Backend subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote authenticated users to determine an encryption key via crafted input to a tt_content form element. | ||
| CVE-2008-5644 | — | >= 4.2.2, < 4.2.3 | 4.2.3 | Dec 17, 2008 | Cross-site scripting (XSS) vulnerability in the file backend module in TYPO3 4.2.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. |
- CVE-2009-3628Nov 2, 2009affected <= 4.0.13
The Backend subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote authenticated users to determine an encryption key via crafted input to a tt_content form element.
- CVE-2008-5644Dec 17, 2008affected >= 4.2.2, < 4.2.3fixed 4.2.3
Cross-site scripting (XSS) vulnerability in the file backend module in TYPO3 4.2.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Page 2 of 2