typo3/cms-form Security Advisories for v10.4.7 (3)
-
[MEDIUM] Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in typo3/cms-form
PKSA-yhyy-7dgg-qhcw CVE-2021-21358 GHSA-x79j-wgqv-g8h2
Affected version: >=11.0.0,<=11.1.0|>=10.2.0,<=10.4.13
Reported by:
GitHub -
[HIGH] Broken Access Control in Form Framework
PKSA-4b8g-5w89-fbw3 CVE-2021-21357 GHSA-3vg7-jw9m-pc3f
Affected version: >=11.0.0,<=11.1.0|>=10.0.0,<=10.4.13|>=9.0.0,<=9.5.24|>=8.0.0,<=8.7.39
Reported by:
GitHub -
[HIGH] Unrestricted File Upload in Form Framework
PKSA-nkrd-9vf5-fnjp CVE-2021-21355 GHSA-2r6j-862c-m2v2
Affected version: >=11.0.0,<=11.1.0|>=10.0.0,<=10.4.13|>=9.0.0,<=9.5.24|>=8.0.0,<=8.7.39
Reported by:
GitHub