Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity TYPO3 Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2014-9508) CVE-2014-9508 CWE-59 CWE-59 Medium TYPO3 Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2020-11066) CVE-2020-11066 CWE-915 CWE-915 Critical TYPO3 Improper Neutralization of HTTP Headers for Scripting Syntax Vulnerability (CVE-2021-41114) CVE-2021-41114 CWE-644 CWE-644 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-2718) CVE-2008-2718 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-5644) CVE-2008-5644 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-5656) CVE-2008-5656 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-6699) CVE-2008-6699 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-0257) CVE-2009-0257 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-0816) CVE-2009-0816 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3629) CVE-2009-3629 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3634) CVE-2009-3634 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3636) CVE-2009-3636 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3659) CVE-2010-3659 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3660) CVE-2010-3660 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3665) CVE-2010-3665 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3672) CVE-2010-3672 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3674) CVE-2010-3674 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3715) CVE-2010-3715 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5097) CVE-2010-5097 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5098) CVE-2010-5098 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5100) CVE-2010-5100 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4626) CVE-2011-4626 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4629) CVE-2011-4629 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4630) CVE-2011-4630 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4631) CVE-2011-4631 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4632) CVE-2011-4632 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4903) CVE-2011-4903 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1606) CVE-2012-1606 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2112) CVE-2012-2112 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3528) CVE-2012-3528 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3531) CVE-2012-3531 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6145) CVE-2012-6145 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6147) CVE-2012-6147 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6148) CVE-2012-6148 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-7074) CVE-2013-7074 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-7076) CVE-2013-7076 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-7077) CVE-2013-7077 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-7078) CVE-2013-7078 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3943) CVE-2014-3943 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5956) CVE-2015-5956 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8755) CVE-2015-8755 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8756) CVE-2015-8756 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8757) CVE-2015-8757 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8758) CVE-2015-8758 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8759) CVE-2015-8759 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-4056) CVE-2016-4056 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6905) CVE-2018-6905 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12748) CVE-2019-12748 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-8091) CVE-2020-8091 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11064) CVE-2020-11064 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11065) CVE-2020-11065 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-26227) CVE-2020-26227 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21340) CVE-2021-21340 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21358) CVE-2021-21358 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21365) CVE-2021-21365 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21370) CVE-2021-21370 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32667) CVE-2021-32667 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32668) CVE-2021-32668 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32669) CVE-2021-32669 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32768) CVE-2021-32768 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-31048) CVE-2022-31048 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-31049) CVE-2022-31049 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36107) CVE-2022-36107 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36108) CVE-2022-36108 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-24814) CVE-2023-24814 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-47125) CVE-2023-47125 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-34355) CVE-2024-34355 CWE-707 CWE-707 Medium TYPO3 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2010-3668) CVE-2010-3668 CWE-138 CWE-138 High TYPO3 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression La Vulnerability (CVE-2022-23504) CVE-2022-23504 CWE-138 CWE-138 Medium TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2007-6381) CVE-2007-6381 CWE-138 CWE-138 Medium TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-3632) CVE-2009-3632 CWE-138 CWE-138 Medium TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4855) CVE-2009-4855 CWE-138 CWE-138 High TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-3662) CVE-2010-3662 CWE-138 CWE-138 High TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-5103) CVE-2010-5103 CWE-138 CWE-138 Medium TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-3583) CVE-2011-3583 CWE-138 CWE-138 Critical 1...175176177178...307 176 / 307