typo3/cms-install Security Advisories (6)
-
[LOW] TYPO3 Information Disclosure via Exception Handling/Logger
PKSA-y4y2-63tg-bjxn CVE-2024-55891 GHSA-38x7-cc6w-j27q
Affected version: =13.4.2
Reported by:
GitHub -
[LOW] Information Disclosure in typo3/cms-install tool
PKSA-vwj1-nbq6-bxyy CVE-2023-47126 GHSA-p2jh-95jg-2w55
Affected version: >=12.2.0,<12.4.8
Reported by:
GitHub -
[LOW] TYPO3 Cross-Site Scripting vulnerability in the Install Tool
PKSA-h5r9-g3hp-54f3 CVE-2010-5100 GHSA-9hh2-8cw6-hfv7
Affected version: >=4.4.0,<4.4.5|>=4.3.0,<4.3.9|>=4.2.0,<4.2.16
Reported by:
GitHub -
[MEDIUM] Typo3 API Install Tool vulnerable to Cross-site Scripting
PKSA-v8sk-gshm-pkh6 CVE-2009-3636 GHSA-c73w-4rcj-2622
Affected version: >=4.3alpha1,<4.3beta2|>=4.2.0,<4.2.10|>=4.1.0,<4.1.13|<=4.0.13
Reported by:
GitHub -
[MEDIUM] TYPO3 is vulnerable to Insecure randomness in uniqid function
PKSA-wg82-z1kj-1g9v CVE-2010-3666 GHSA-c7xr-736p-29j3
Affected version: >=4.4.0,<4.4.1|>=4.3.0,<4.3.4|>=4.2.0,<4.2.13|<4.1.14
Reported by:
GitHub -
[MEDIUM] TYPO3 is vulnerable to Session Fixation
PKSA-5x81-861f-6tdm CVE-2010-3671 GHSA-gqmh-5xmq-3fhg
Affected version: >=4.4.0,<4.4.1|>=4.3.0,<4.3.4|>=4.2.0,<4.2.13|<4.1.14
Reported by:
GitHub