Packagist (Composer) package
typo3/cms-core
pkg:composer/typo3/cms-core
Vulnerabilities (92)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-22188 | — | >= 8.0.0, < 8.7.57 | 8.7.57 | Mar 5, 2024 | TYPO3 before 13.0.1 allows an authenticated admin user (with system maintainer privileges) to execute arbitrary shell commands (with the privileges of the web server) via a command injection vulnerability in form fields of the Install Tool. The fixed versions are 8.7.57 ELTS, 9.5 | ||
| CVE-2024-25118 | — | >= 8.0.0, < 8.7.57 | 8.7.57 | Feb 13, 2024 | TYPO3 is an open source PHP based web content management system released under the GNU GPL. Password hashes were being reflected in the editing forms of the TYPO3 backend user interface. This allowed attackers to crack the plaintext password using brute force techniques. Exploiti | ||
| CVE-2024-25119 | — | >= 8.0.0, < 8.7.57 | 8.7.57 | Feb 13, 2024 | TYPO3 is an open source PHP based web content management system released under the GNU GPL. The plaintext value of `$GLOBALS['SYS']['encryptionKey']` was displayed in the editing forms of the TYPO3 Install Tool user interface. This allowed attackers to utilize the value to genera | ||
| CVE-2024-25120 | — | >= 8.0.0, < 8.7.57 | 8.7.57 | Feb 13, 2024 | TYPO3 is an open source PHP based web content management system released under the GNU GPL. The TYPO3-specific `t3://` URI scheme could be used to access resources outside of the users' permission scope. This encompassed files, folders, pages, and records (although only if a vali | ||
| CVE-2024-25121 | — | >= 8.0.0, < 8.7.57 | 8.7.57 | Feb 13, 2024 | TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions of TYPO3 entities of the File Abstraction Layer (FAL) could be persisted directly via `DataHandler`. This allowed attackers to reference files in the fallback storage | ||
| CVE-2023-30451 | Med | 4.9 | >= 8.0.0, < 8.7.57 | 8.7.57 | Dec 25, 2023 | In TYPO3 11.5.24, the filelist component allows attackers (who have access to the administrator panel) to read arbitrary files via directory traversal in the baseuri field, as demonstrated by POST /typo3/record/edit with ../../../ in data[sys_file_storage]*[data][sDEF][lDEF][base | |
| CVE-2023-47127 | Med | 4.2 | >= 8.0.0, < 8.7.55 | 8.7.55 | Nov 14, 2023 | TYPO3 is an open source PHP based web content management system released under the GNU GPL. In typo3 installations there are always at least two different sites. Eg. first.example.org and second.example.com. In affected versions a session cookie generated for the first site can b | |
| CVE-2023-38499 | Low | 3.7 | >= 9.4.0, < 9.5.42 | 9.5.42 | Jul 25, 2023 | TYPO3 is an open source PHP based web content management system. Starting in version 9.4.0 and prior to versions 9.5.42 ELTS, 10.4.39 ELTS, 11.5.30, and 12.4.4, in multi-site scenarios, enumerating the HTTP query parameters `id` and `L` allowed out-of-scope access to rendered con | |
| CVE-2023-24814 | Hig | 8.8 | >= 12.0.0, < 12.2.0 | 12.2.0 | Feb 7, 2023 | TYPO3 is a free and open source Content Management Framework released under the GNU General Public License. In affected versions the TYPO3 core component `GeneralUtility::getIndpEnv()` uses the unfiltered server environment variable `PATH_INFO`, which allows attackers to inject m | |
| CVE-2022-23504 | Med | 5.7 | >= 9.0.0, < 9.5.38 | 9.5.38 | Dec 14, 2022 | TYPO3 is an open source PHP based web content management system. Versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are subject to Sensitive Information Disclosure. Due to the lack of handling user-submitted YAML placeholder expressions in the site configuration backend modul | |
| CVE-2022-23503 | Hig | 7.5 | >= 8.0.0, < 8.7.49 | 8.7.49 | Dec 14, 2022 | TYPO3 is an open source PHP based web content management system. Versions prior to 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are vulnerable to Code Injection. Due to the lack of separating user-submitted data from the internal configuration in the Form Designer backend module, | |
| CVE-2022-23502 | Med | 5.4 | >= 10.0.0, < 10.4.33 | 10.4.33 | Dec 14, 2022 | TYPO3 is an open source PHP based web content management system. In versions prior to 10.4.33, 11.5.20, and 12.1.1, When users reset their password using the corresponding password recovery functionality, existing sessions for that particular user account were not revoked. This a | |
| CVE-2022-23501 | Med | 5.9 | < 8.7.49 | 8.7.49 | Dec 14, 2022 | TYPO3 is an open source PHP based web content management system. In versions prior to 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 TYPO3 is vulnerable to Improper Authentication. Restricting frontend login to specific users, organized in different storage folders (partitions), ca | |
| CVE-2022-23500 | Med | 5.9 | >= 9.0.0, < 9.5.38 | 9.5.38 | Dec 14, 2022 | TYPO3 is an open source PHP based web content management system. In versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1, requesting invalid or non-existing resources via HTTP triggers the page error handler, which again could retrieve content to be shown as an error message fr | |
| CVE-2022-36108 | Med | 6.5 | >= 10.3.0, < 10.4.32 | 10.4.32 | Sep 13, 2022 | TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that the `f:asset.css` view helper is vulnerable to cross-site scripting when user input is passed as variables to the CSS. Update to TYPO3 version 10.4.32 or 11.5.1 | |
| CVE-2022-36107 | Med | 6.5 | >= 7.0.0, < 7.6.58 | 7.6.58 | Sep 13, 2022 | TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that the `FileDumpController` (backend and frontend context) is vulnerable to cross-site scripting when malicious files are displayed using this component. A valid b | |
| CVE-2022-36106 | Med | 5.4 | >= 10.4.0, < 10.4.32 | 10.4.32 | Sep 13, 2022 | TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that the expiration time of a password reset link for TYPO3 backend users has never been evaluated. As a result, a password reset link could be used to perform a pas | |
| CVE-2022-36105 | Med | 5.3 | >= 7.0.0, < 7.6.58 | 7.6.58 | Sep 13, 2022 | TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that observing response time during user authentication (backend and frontend) can be used to distinguish between existing and non-existing user accounts. Extension | |
| CVE-2022-36104 | Med | 5.9 | >= 11.4.0, < 11.5.16 | 11.5.16 | Sep 13, 2022 | TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions requesting invalid or non-existing resources via HTTP triggers the page error handler which again could retrieve content to be shown as an error message from another p | |
| CVE-2022-36020 | Med | 6.1 | >= 10.0.0, < 10.4.32 | 10.4.32 | Sep 13, 2022 | The typo3/html-sanitizer package is an HTML sanitizer, written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values. Due to a parsing issue in the upstream package `masterminds/html5`, malicious markup used in a sequence with special H |
- CVE-2024-22188Mar 5, 2024affected >= 8.0.0, < 8.7.57fixed 8.7.57
TYPO3 before 13.0.1 allows an authenticated admin user (with system maintainer privileges) to execute arbitrary shell commands (with the privileges of the web server) via a command injection vulnerability in form fields of the Install Tool. The fixed versions are 8.7.57 ELTS, 9.5
- CVE-2024-25118Feb 13, 2024affected >= 8.0.0, < 8.7.57fixed 8.7.57
TYPO3 is an open source PHP based web content management system released under the GNU GPL. Password hashes were being reflected in the editing forms of the TYPO3 backend user interface. This allowed attackers to crack the plaintext password using brute force techniques. Exploiti
- CVE-2024-25119Feb 13, 2024affected >= 8.0.0, < 8.7.57fixed 8.7.57
TYPO3 is an open source PHP based web content management system released under the GNU GPL. The plaintext value of `$GLOBALS['SYS']['encryptionKey']` was displayed in the editing forms of the TYPO3 Install Tool user interface. This allowed attackers to utilize the value to genera
- CVE-2024-25120Feb 13, 2024affected >= 8.0.0, < 8.7.57fixed 8.7.57
TYPO3 is an open source PHP based web content management system released under the GNU GPL. The TYPO3-specific `t3://` URI scheme could be used to access resources outside of the users' permission scope. This encompassed files, folders, pages, and records (although only if a vali
- CVE-2024-25121Feb 13, 2024affected >= 8.0.0, < 8.7.57fixed 8.7.57
TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions of TYPO3 entities of the File Abstraction Layer (FAL) could be persisted directly via `DataHandler`. This allowed attackers to reference files in the fallback storage
- affected >= 8.0.0, < 8.7.57fixed 8.7.57
In TYPO3 11.5.24, the filelist component allows attackers (who have access to the administrator panel) to read arbitrary files via directory traversal in the baseuri field, as demonstrated by POST /typo3/record/edit with ../../../ in data[sys_file_storage]*[data][sDEF][lDEF][base
- affected >= 8.0.0, < 8.7.55fixed 8.7.55
TYPO3 is an open source PHP based web content management system released under the GNU GPL. In typo3 installations there are always at least two different sites. Eg. first.example.org and second.example.com. In affected versions a session cookie generated for the first site can b
- affected >= 9.4.0, < 9.5.42fixed 9.5.42
TYPO3 is an open source PHP based web content management system. Starting in version 9.4.0 and prior to versions 9.5.42 ELTS, 10.4.39 ELTS, 11.5.30, and 12.4.4, in multi-site scenarios, enumerating the HTTP query parameters `id` and `L` allowed out-of-scope access to rendered con
- affected >= 12.0.0, < 12.2.0fixed 12.2.0
TYPO3 is a free and open source Content Management Framework released under the GNU General Public License. In affected versions the TYPO3 core component `GeneralUtility::getIndpEnv()` uses the unfiltered server environment variable `PATH_INFO`, which allows attackers to inject m
- affected >= 9.0.0, < 9.5.38fixed 9.5.38
TYPO3 is an open source PHP based web content management system. Versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are subject to Sensitive Information Disclosure. Due to the lack of handling user-submitted YAML placeholder expressions in the site configuration backend modul
- affected >= 8.0.0, < 8.7.49fixed 8.7.49
TYPO3 is an open source PHP based web content management system. Versions prior to 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are vulnerable to Code Injection. Due to the lack of separating user-submitted data from the internal configuration in the Form Designer backend module,
- affected >= 10.0.0, < 10.4.33fixed 10.4.33
TYPO3 is an open source PHP based web content management system. In versions prior to 10.4.33, 11.5.20, and 12.1.1, When users reset their password using the corresponding password recovery functionality, existing sessions for that particular user account were not revoked. This a
- affected < 8.7.49fixed 8.7.49
TYPO3 is an open source PHP based web content management system. In versions prior to 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 TYPO3 is vulnerable to Improper Authentication. Restricting frontend login to specific users, organized in different storage folders (partitions), ca
- affected >= 9.0.0, < 9.5.38fixed 9.5.38
TYPO3 is an open source PHP based web content management system. In versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1, requesting invalid or non-existing resources via HTTP triggers the page error handler, which again could retrieve content to be shown as an error message fr
- affected >= 10.3.0, < 10.4.32fixed 10.4.32
TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that the `f:asset.css` view helper is vulnerable to cross-site scripting when user input is passed as variables to the CSS. Update to TYPO3 version 10.4.32 or 11.5.1
- affected >= 7.0.0, < 7.6.58fixed 7.6.58
TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that the `FileDumpController` (backend and frontend context) is vulnerable to cross-site scripting when malicious files are displayed using this component. A valid b
- affected >= 10.4.0, < 10.4.32fixed 10.4.32
TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that the expiration time of a password reset link for TYPO3 backend users has never been evaluated. As a result, a password reset link could be used to perform a pas
- affected >= 7.0.0, < 7.6.58fixed 7.6.58
TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that observing response time during user authentication (backend and frontend) can be used to distinguish between existing and non-existing user accounts. Extension
- affected >= 11.4.0, < 11.5.16fixed 11.5.16
TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions requesting invalid or non-existing resources via HTTP triggers the page error handler which again could retrieve content to be shown as an error message from another p
- affected >= 10.0.0, < 10.4.32fixed 10.4.32
The typo3/html-sanitizer package is an HTML sanitizer, written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values. Due to a parsing issue in the upstream package `masterminds/html5`, malicious markup used in a sequence with special H
Page 2 of 5