dated_news
by TYPO3
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-36792 | 0.00 | — | 0.01 | Aug 13, 2021 | The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 has incorrect Access Control for confirming various applications. | |||
| CVE-2021-36791 | 0.00 | — | 0.01 | Aug 13, 2021 | The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows Information Disclosure of application registration data. | |||
| CVE-2021-36790 | 0.00 | — | 0.01 | Aug 13, 2021 | The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows XSS. | |||
| CVE-2021-36789 | 0.00 | — | 0.01 | Aug 13, 2021 | The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows SQL Injection. |
- CVE-2021-36792Aug 13, 2021risk 0.00cvss —epss 0.01
The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 has incorrect Access Control for confirming various applications.
- CVE-2021-36791Aug 13, 2021risk 0.00cvss —epss 0.01
The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows Information Disclosure of application registration data.
- CVE-2021-36790Aug 13, 2021risk 0.00cvss —epss 0.01
The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows XSS.
- CVE-2021-36789Aug 13, 2021risk 0.00cvss —epss 0.01
The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows SQL Injection.