| Vulnerability Name |
CVE
CWE
|
CWE |
Severity |
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3665)
|
CVE-2010-3665
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3672)
|
CVE-2010-3672
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3674)
|
CVE-2010-3674
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3715)
|
CVE-2010-3715
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4626)
|
CVE-2011-4626
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4629)
|
CVE-2011-4629
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4630)
|
CVE-2011-4630
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4631)
|
CVE-2011-4631
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4632)
|
CVE-2011-4632
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4903)
|
CVE-2011-4903
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2112)
|
CVE-2012-2112
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3531)
|
CVE-2012-3531
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-7076)
|
CVE-2013-7076
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-7077)
|
CVE-2013-7077
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8755)
|
CVE-2015-8755
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8756)
|
CVE-2015-8756
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8757)
|
CVE-2015-8757
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8758)
|
CVE-2015-8758
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8759)
|
CVE-2015-8759
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-4056)
|
CVE-2016-4056
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6905)
|
CVE-2018-6905
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12748)
|
CVE-2019-12748
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-8091)
|
CVE-2020-8091
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11064)
|
CVE-2020-11064
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11065)
|
CVE-2020-11065
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-26227)
|
CVE-2020-26227
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21340)
|
CVE-2021-21340
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21358)
|
CVE-2021-21358
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21365)
|
CVE-2021-21365
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21370)
|
CVE-2021-21370
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32667)
|
CVE-2021-32667
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32668)
|
CVE-2021-32668
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32669)
|
CVE-2021-32669
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32768)
|
CVE-2021-32768
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-31048)
|
CVE-2022-31048
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-31049)
|
CVE-2022-31049
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36107)
|
CVE-2022-36107
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36108)
|
CVE-2022-36108
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-24814)
|
CVE-2023-24814
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-47125)
|
CVE-2023-47125
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-34355)
|
CVE-2024-34355
CWE-707
|
CWE-707
|
Medium
|
|
TYPO3 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression La Vulnerability (CVE-2022-23504)
|
CVE-2022-23504
CWE-138
|
CWE-138
|
Medium
|
|
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2007-6381)
|
CVE-2007-6381
CWE-138
|
CWE-138
|
Medium
|
|
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-3632)
|
CVE-2009-3632
CWE-138
|
CWE-138
|
Medium
|
|
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-5103)
|
CVE-2010-5103
CWE-138
|
CWE-138
|
Medium
|
|
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-6144)
|
CVE-2012-6144
CWE-138
|
CWE-138
|
Medium
|
|
TYPO3 Inadequate Encryption Strength Vulnerability (CVE-2010-3670)
|
CVE-2010-3670
CWE-326
|
CWE-326
|
Medium
|
|
TYPO3 Insertion of Sensitive Information into Log File Vulnerability (CVE-2021-32767)
|
CVE-2021-32767
CWE-532
|
CWE-532
|
Medium
|
|
TYPO3 Insertion of Sensitive Information into Log File Vulnerability (CVE-2022-31047)
|
CVE-2022-31047
CWE-532
|
CWE-532
|
Medium
|
|
Typo3 Install Tool publicly accessible
|
CWE-200
|
CWE-200
|
Medium
|
|
TYPO3 Insufficient Session Expiration Vulnerability (CVE-2022-23502)
|
CVE-2022-23502
CWE-613
|
CWE-613
|
Medium
|
|
TYPO3 Observable Discrepancy Vulnerability (CVE-2022-36105)
|
CVE-2022-36105
CWE-203
|
CWE-203
|
Medium
|
|
TYPO3 Other Vulnerability (CVE-2006-0327)
|
CVE-2006-0327
|
|
Medium
|
|
TYPO3 Other Vulnerability (CVE-2009-3630)
|
CVE-2009-3630
|
|
Medium
|
|
TYPO3 Other Vulnerability (CVE-2012-1605)
|
CVE-2012-1605
|
|
Medium
|
|
TYPO3 Other Vulnerability (CVE-2012-3530)
|
CVE-2012-3530
|
|
Medium
|
|
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2717)
|
CVE-2008-2717
CWE-264
|
CWE-264
|
Medium
|
|
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3717)
|
CVE-2010-3717
CWE-264
|
CWE-264
|
Medium
|
|
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6146)
|
CVE-2012-6146
CWE-264
|
CWE-264
|
Medium
|
|
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4320)
|
CVE-2013-4320
CWE-264
|
CWE-264
|
Medium
|
|
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7073)
|
CVE-2013-7073
CWE-264
|
CWE-264
|
Medium
|
|
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7081)
|
CVE-2013-7081
CWE-264
|
CWE-264
|
Medium
|
|
TYPO3 Resource Management Errors Vulnerability (CVE-2013-1843)
|
CVE-2013-1843
|
|
Medium
|
|
TYPO3 Session Fixation Vulnerability (CVE-2010-3671)
|
CVE-2010-3671
CWE-384
|
CWE-384
|
Medium
|
|
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-3661)
|
CVE-2010-3661
CWE-601
|
CWE-601
|
Medium
|
|
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-3669)
|
CVE-2010-3669
CWE-601
|
CWE-601
|
Medium
|
|
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-15241)
|
CVE-2020-15241
CWE-601
|
CWE-601
|
Medium
|
|
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-21338)
|
CVE-2021-21338
CWE-601
|
CWE-601
|
Medium
|
|
TYPO3 Use of Insufficiently Random Values Vulnerability (CVE-2010-3666)
|
CVE-2010-3666
CWE-330
|
CWE-330
|
Medium
|
|
UAParser.js Other Vulnerability (CVE-2020-7793)
|
CVE-2020-7793
|
|
Medium
|
|
UAParser.js Uncontrolled Resource Consumption Vulnerability (CVE-2020-7733)
|
CVE-2020-7733
CWE-400
|
CWE-400
|
Medium
|
|
Unauthorized Access to a web app installer
|
CWE-200
|
CWE-200
|
Medium
|
|
Unchecked GraphQL Query Length: Potential Denial of Service Vulnerability
|
CWE-400
|
CWE-400
|
Medium
|
|
Undertow Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2021-3597)
|
CVE-2021-3597
CWE-362
|
CWE-362
|
Medium
|
|
Undertow CVE-2022-2764 Vulnerability (CVE-2022-2764)
|
CVE-2022-2764
|
|
Medium
|
