VYPR

dated_news

by TYPO3

CVEs (4)

  • CVE-2021-36792Aug 13, 2021
    risk 0.00cvss epss 0.01

    The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 has incorrect Access Control for confirming various applications.

  • CVE-2021-36791Aug 13, 2021
    risk 0.00cvss epss 0.01

    The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows Information Disclosure of application registration data.

  • CVE-2021-36790Aug 13, 2021
    risk 0.00cvss epss 0.01

    The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows XSS.

  • CVE-2021-36789Aug 13, 2021
    risk 0.00cvss epss 0.01

    The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows SQL Injection.