Security Advisories - typo3/cms

typo3/cms Security Advisories for 7.6.18 (13)

[MEDIUM] Typo3 XSS Vulnerability

PKSA-j487-wgb6-g37w CVE-2018-6905 GHSA-3w22-wrwx-2r75

Affected version: <9.2.0

Reported by:
GitHub
Information Disclosure in Install Tool

PKSA-t1pf-cbfj-xyc5

Affected version: >=7.0.0,<7.6.32|>=8.0.0,<8.7.21|>=9.0.0,<9.5.2

Reported by:
FriendsOfPHP/security-advisories
Denial of Service in Online Media Asset Handling

PKSA-41jf-hqcz-2mxn

Affected version: >=7.0.0,<7.6.32|>=8.0.0,<8.7.21|>=9.0.0,<9.5.2

Reported by:
FriendsOfPHP/security-advisories
Cross-Site Scripting in Online Media Asset Rendering

PKSA-94ws-swjq-dm6m

Affected version: >=7.0.0,<7.6.32|>=8.0.0,<8.7.21|>=9.0.0,<9.5.2

Reported by:
FriendsOfPHP/security-advisories
Cross-Site Scripting in Backend Modal Component

PKSA-qzm7-ztqf-vx98

Affected version: >=7.0.0,<7.6.32|>=8.0.0,<8.7.21|>=9.0.0,<9.5.2

Reported by:
FriendsOfPHP/security-advisories
Denial of Service in Frontend Record Registration

PKSA-6wyc-z3gy-thx1

Affected version: >=7.0.0,<7.6.32|>=8.0.0,<8.7.21

Reported by:
FriendsOfPHP/security-advisories
Security Misconfiguration in Install Tool Cookie

PKSA-99fq-1t5c-yckv

Affected version: >=7.0.0,<7.6.32|>=8.0.0,<8.7.21|>=9.0.0,<9.5.2

Reported by:
FriendsOfPHP/security-advisories
Cross-Site Scripting in Frontend User Login

PKSA-j1v4-rzqw-fkx7

Affected version: >=7.0.0,<7.6.32|>=8.0.0,<8.7.21|>=9.0.0,<9.5.2

Reported by:
FriendsOfPHP/security-advisories
Insecure Deserialization & Arbitrary Code Execution in TYPO3 CMS

PKSA-z3s2-rzbm-sz8q

Affected version: >=7.0.0,<7.6.30|>=8.0.0,<8.7.17|>=9.0.0,<9.3.2

Reported by:
FriendsOfPHP/security-advisories
Authentication Bypass in TYPO3 CMS

PKSA-b9qm-1gk1-gg53

Affected version: >=7.0.0,<7.6.30|>=8.0.0,<8.7.17|>=9.0.0,<9.3.2

Reported by:
FriendsOfPHP/security-advisories
Information Disclosure in TYPO3 CMS

PKSA-mnvr-nmxv-xndp

Affected version: >=7.6.0,<7.6.22|>=8.0.0,<8.1.0|>=8.1.0,<8.2.0|>=8.2.0,<8.3.0|>=8.3.0,<8.4.0|>=8.4.0,<8.5.0|>=8.5.0,<8.6.0|>=8.6.0,<8.7.0|>=8.7.0,<8.7.5

Reported by:
FriendsOfPHP/security-advisories
Information Disclosure in TYPO3 CMS

PKSA-k469-q3x3-m5wx

Affected version: >=7.6.0,<7.6.22|>=8.0.0,<8.1.0|>=8.1.0,<8.2.0|>=8.2.0,<8.3.0|>=8.3.0,<8.4.0|>=8.4.0,<8.5.0|>=8.5.0,<8.6.0|>=8.6.0,<8.7.0|>=8.7.0,<8.7.5

Reported by:
FriendsOfPHP/security-advisories
Arbitrary Code Execution in TYPO3 CMS

PKSA-ycd2-g5rr-5v84

Affected version: >=7.6.0,<7.6.22|>=8.0.0,<8.1.0|>=8.1.0,<8.2.0|>=8.2.0,<8.3.0|>=8.3.0,<8.4.0|>=8.4.0,<8.5.0|>=8.5.0,<8.6.0|>=8.6.0,<8.7.0|>=8.7.0,<8.7.5

Reported by:
FriendsOfPHP/security-advisories

typo3/cms Security Advisories for 7.6.18 (13)

[MEDIUM] Typo3 XSS Vulnerability