CVE-2009-4803 – svewap/a21glossary

Package

Manager: composer
Name: svewap/a21glossary
Vulnerable Version: >=0 <=0.4.10

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:R

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

EPSS: 0.00366 pctl0.57792

Details

Accessibility Glossary (a21glossary) SQL injection vulnerability SQL injection vulnerability in the Accessibility Glossary (a21glossary) extension 0.4.10 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Metadata

Created: 2022-05-02T03:58:18Z
Modified: 2025-04-11T20:00:18Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-mp9g-4rg9-8rcm/GHSA-mp9g-4rg9-8rcm.json
CWE IDs: ["CWE-89"]
Alternative ID: GHSA-mp9g-4rg9-8rcm
Finding: F297
Auto approve: 1