FLAT-8H4D5 (CVE-2026-0859)
Insecure deserialization In typo3/cms-core
1.3
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-EY5X3 (CVE-2025-59016)
Technical information leak In typo3/cms-core
1.3
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-9BBCR (CVE-2025-59015)
Insecure generation of random numbers In typo3/cms-core
1.7
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-6KFI8 (CVE-2025-59013)
Uncontrolled external site redirect In typo3/cms-core
1.3
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-V8VDP (CVE-2025-47940)
Security controls bypass or absence In typo3/cms-core
6.1
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-JHL6O (CVE-2025-47939)
Insecure file upload In typo3/cms-core
1.3
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-4KE8I (CVE-2025-47937)
Authentication mechanism absence or evasion In typo3/cms-core
1.7
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-CIXAE (CVE-2024-55892)
Uncontrolled external site redirect In typo3/cms-core
1.7
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-MURA3 (GHSA-5h5v-m596-r6rf)
Insecure deserialization In typo3/cms-core
7.2
High
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-4P12T (GHSA-6xwf-7rfm-4gwc)
Server side cross-site scripting In typo3/cms-core
0.6
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-T6U0A (GHSA-4ppr-jw47-9qm5)
Server side cross-site scripting In typo3/cms-core
1.3
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-4XA75 (GHSA-95qm-3xp7-vfj5)
Reflected cross-site scripting (XSS) In typo3/cms-core
1.3
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-0O8OC (GHSA-x428-565f-8xj2)
Server side cross-site scripting In typo3/cms-core
6.3
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-CF2L6 (GHSA-g776-759r-pf6x)
Authentication mechanism absence or evasion In typo3/cms-core
0.6
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-0ORC2 (GHSA-82vp-jr39-4j2j)
Insecure session management In typo3/cms-core
6.7
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-EX1LL (GHSA-rv8r-8mh5-5376)
Improper authorization control for web services In typo3/cms-core
1.3
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-NDWCM (GHSA-wj85-rg5g-v8jm)
Sensitive data stored in client-side storage In typo3/cms-core
2.7
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-H2J9X (GHSA-p2h4-7fp3-cmh8)
Business information leak In typo3/cms-core
1.3
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-S8070 (GHSA-wvvp-jwf5-qcpc)
Enabled default configuration In typo3/cms-core
1.3
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-FHZPP (GHSA-xmgr-jff3-fcfv)
Session Fixation In typo3/cms-core
4.9
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-NOMPN (GHSA-4459-qrcc-vfcf)
Reflected cross-site scripting (XSS) In typo3/cms-core
1.3
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-TS3SJ (GHSA-76r3-m635-p3vc)
Reflected cross-site scripting (XSS) In typo3/cms-core
1.2
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-N7O8Y (GHSA-f9hr-7cfq-mjg2)
Insecure file upload In typo3/cms-core
6.3
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-LJLZM (GHSA-9rx9-7fmh-gj3g)
Excessive privileges In typo3/cms-core
4.9
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-F3ALJ (GHSA-22q7-cg4r-p9mx)
Reflected cross-site scripting (XSS) In typo3/cms-core
1.3
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-XZGG7 (GHSA-rxc9-f2x6-qh4w)
Authentication mechanism absence or evasion In typo3/cms-core
4.6
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-EQ8D4 (GHSA-hjx5-v9xg-7h25)
Asymmetric denial of service In typo3/cms-core
6.6
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-8Z4SB (GHSA-29m4-mx89-3mjg)
Inadequate file size control In typo3/cms-core
2.3
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-FOBNE (GHSA-66c2-7g4p-wx4p)
Business information leak In typo3/cms-core
2.7
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-VZU6T (GHSA-ppvg-hw62-6ph9)
Insecurely generated cookies In typo3/cms-core
6.6
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-TDH1F (GHSA-8c25-vj2w-p72j)
Server side cross-site scripting In typo3/cms-core
0.5
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-D5B2B (GHSA-g4c9-qfvw-fmr4)
Server side cross-site scripting In typo3/cms-core
1.3
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-FK6UX (GHSA-96jg-pmc4-cx39)
Insecure deserialization In typo3/cms-core
5.2
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-30GOP (GHSA-wg8h-gxf4-g4gh)
Server side cross-site scripting In typo3/cms-core
1.2
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-ZQGYX (GHSA-45wj-jv2h-jwrf)
SQL injection - Code In typo3/cms-core
5.2
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-AEMPV (GHSA-cc97-g92w-jm65)
Lack of data validation In typo3/cms-core
6.3
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-GLFDY (GHSA-x4rj-f7m6-42c3)
Authentication mechanism absence or evasion In typo3/cms-core
6.6
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-9TB9Y (CVE-2024-34358)
Insufficient data authenticity validation In typo3/cms-core
2.7
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-55BV1 (CVE-2024-34357)
Server side cross-site scripting In typo3/cms-core
1.2
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-NRXYX (CVE-2024-34356)
Server side cross-site scripting In typo3/cms-core
1.2
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-G42W4 (CVE-2024-34355)
Server side cross-site scripting In typo3/cms-core
1.2
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-PIFYA (CVE-2024-22188)
Server side template injection In typo3/cms-core
6.1
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-N53OG (CVE-2023-30451)
Lack of data validation - Path Traversal In typo3/cms-core
4.7
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-EX9AY (CVE-2024-25121)
Improper authorization control for web services In typo3/cms-core
5.0
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-L2Y3G (CVE-2024-25120)
Improper authorization control for web services In typo3/cms-core
1.3
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-5AC55 (CVE-2024-25119)
Business information leak In typo3/cms-core
4.6
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-BADF6 (CVE-2024-25118)
Business information leak In typo3/cms-core
0.6
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-JZ9L2 (GHSA-3gjc-mp82-fj4q)
Lack of data validation - Path Traversal In typo3/cms-core
5.6
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-6JRB6 (CVE-2023-47127)
Authentication mechanism absence or evasion In typo3/cms-core
0.6
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-SV526 (CVE-2023-38499)
Enabled default configuration In typo3/cms-core
1.7
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-Y4YMP (CVE-2022-23504)
Business information leak In typo3/cms-core
4.8
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-SL4EX (CVE-2022-23501)
Authentication mechanism absence or evasion In typo3/cms-core
2.3
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-DN4NA (CVE-2022-23500)
Asymmetric denial of service In typo3/cms-core
4.6
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-K9NP2 (CVE-2022-36020)
Reflected cross-site scripting (XSS) In typo3/cms-core
1.3
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-TJN08 (CVE-2022-36104)
Asymmetric denial of service In typo3/cms-core
4.6
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-D0KG6 (CVE-2022-36107)
Server side cross-site scripting In typo3/cms-core
0.5
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-UTYRN (CVE-2022-36108)
Reflected cross-site scripting (XSS) In typo3/cms-core
1.2
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-V5TBE (GHSA-gqqf-g5r7-84vf)
Reflected cross-site scripting (XSS) In typo3/cms-core
1.3
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-PW4Q1 (CVE-2022-31046)
Sensitive information sent insecurely In typo3/cms-core
1.3
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-OQ894 (CVE-2019-12748)
Reflected cross-site scripting (XSS) In typo3/cms-core
1.3
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-TN9OU (CVE-2019-19850)
SQL injection - Code In typo3/cms-core
2.1
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-QCHY4 (CVE-2019-19849)
Insecure deserialization In typo3/cms-core
6.3
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-DTXP5 (CVE-2013-1842)
SQL injection - Code In typo3/cms-core
6.9
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-HD6DJ (CVE-2013-1843)
Uncontrolled external site redirect In typo3/cms-core
2.7
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-E9YEB (CVE-2013-7081)
Improper authorization control for web services In typo3/cms-core
2.7
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-NIBQV (CVE-2013-7080)
Improper authorization control for web services In typo3/cms-core
2.7
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-U5Z6N (CVE-2013-4320)
Improper authorization control for web services In typo3/cms-core
2.7
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-ABMRY (CVE-2010-5104)
Business information leak In typo3/cms-core
2.7
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-YAYSP (CVE-2013-7078)
Reflected cross-site scripting (XSS) In typo3/cms-core
0.6
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-PEQ6B (CVE-2013-7077)
Reflected cross-site scripting (XSS) In typo3/cms-core
1.3
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-OW2B3 (CVE-2009-3633)
Cross-site request forgery In typo3/cms-core
1.3
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-ULPDJ (CVE-2008-2717)
Insecure file upload In typo3/cms-core
1.3
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-GOOVV (CVE-2010-3673)
Business information leak In typo3/cms-core
1.3
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-51SYZ (CVE-2021-41113)
Cross-site request forgery In typo3/cms-core
5.2
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-9F173 (CVE-2021-41114)
Lack of data validation In typo3/cms-core
1.7
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-8AFBM (CVE-2021-32668)
Server side cross-site scripting In typo3/cms-core
5.8
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-D2RYZ (CVE-2021-32667)
Server side cross-site scripting In typo3/cms-core
6.0
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-F1KJ5 (CVE-2021-21370)
Server side cross-site scripting In typo3/cms-core
1.2
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-E3NTV (CVE-2021-21359)
Asymmetric denial of service In typo3/cms-core
4.6
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-C365G (CVE-2021-21357)
Lack of data validation In typo3/cms-core
2.4
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-1PSMB (CVE-2021-21355)
Insecure file upload In typo3/cms-core
6.8
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-KZ24B (CVE-2020-26229)
XML injection (XXE) In typo3/cms-core
0.6
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-UJ9RL (CVE-2020-26228)
Non-encrypted confidential information In typo3/cms-core
7.2
High
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-Z0PFY (CVE-2020-15099)
Business information leak In typo3/cms-core
8.4
High
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-CAOMQ (CVE-2020-15098)
Insecure encryption algorithm In typo3/cms-core
5.2
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-6DEY7 (CVE-2020-11069)
Cross-site request forgery In typo3/cms-core
4.8
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-C7WGV (CVE-2020-11067)
Insecure deserialization In typo3/cms-core
7.7
High
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-6A1RR (CVE-2020-11065)
Reflected cross-site scripting (XSS) In typo3/cms-core
1.2
Low
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-R9VBH (CVE-2019-10912)
Insecure deserialization In typo3/cms-core
5.0
Medium
Ecosystem: Packagist
Package: typo3/cms-core
FLAT-IYZJO (CVE-2018-17960)
Reflected cross-site scripting (XSS) In typo3/cms-core
1.3
Low
Ecosystem: Packagist
Package: typo3/cms-core