typo3/cms-frontend Security Advisories (4)
-
[LOW] TYPO3 Cross-site scripting (XSS) vulnerability in the click enlarge functionality
PKSA-f6pc-fd6p-97dj CVE-2010-5097 GHSA-9hw3-4gvp-8mv5
Affected version: >=4.4.0,<4.4.5|>=4.3.0,<4.3.9
Reported by:
GitHub -
[LOW] TYPO3 Cross-site scripting (XSS) vulnerability in the FORM content object
PKSA-vny8-t5h1-gnzp CVE-2010-5098 GHSA-3mqf-fwc6-vwqw
Affected version: >=4.3.0,<4.3.9|>=4.4.0,<4.4.5|>=4.2.0,<4.2.16
Reported by:
GitHub -
[MEDIUM] TYPO3 is vulnerable to Spam Abuse in the native form content element
PKSA-rgm2-jd72-wkn2 CVE-2010-3667 GHSA-48ww-8h7g-4hwq
Affected version: >=4.4.0,<4.4.1|>=4.3.0,<4.3.4|>=4.2.0,<4.2.13|<4.1.14
Reported by:
GitHub -
[MEDIUM] TYPO3 is vulnerable to insecure randomness during hash generation in forgot password function
PKSA-w8w2-c15j-rgts CVE-2010-3670 GHSA-3276-p9f2-8q89
Affected version: >=4.4.0,<4.4.1|<4.3.4
Reported by:
GitHub