| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-36108 | Cross-Site Scripting in typo3/cms-core | TYPO3 | typo3 | Medium | 6.5 | 2022-09-13 17:20:13 | Deep Dive |
| CVE-2022-36020 | Bypass of Cross-Site Scripting Protection in typo3/html-sanitizer | TYPO3 | html-sanitizer | Medium | 6.1 | 2022-09-13 16:55:10 | Deep Dive |
| CVE-2022-31050 | Insufficient Session Expiration in TYPO3 Admin Tool | TYPO3 | typo3 | Medium | 6.0 | 2022-06-14 20:55:11 | Deep Dive |
| CVE-2022-31048 | Cross-Site Scripting in Form Framework | TYPO3 | typo3 | Medium | 5.4 | 2022-06-14 20:50:18 | Deep Dive |
| CVE-2022-31049 | Cross-Site Scripting in Frontend Login Mailer | TYPO3 | typo3 | Medium | 5.4 | 2022-06-14 20:50:12 | Deep Dive |
| CVE-2022-31046 | Information Disclosure via Export Module in TYPO3 CMS | TYPO3 | typo3 | Medium | 4.3 | 2022-06-14 20:40:22 | Deep Dive |
| CVE-2022-31047 | Insertion of Sensitive Information into Log File in typo3/cms-core | TYPO3 | typo3 | Medium | 5.3 | 2022-06-14 20:40:10 | Deep Dive |
| CVE-2021-41113 | Cross-Site-Request-Forgery in Backend URI Handling in Typo3 | TYPO3 | typo3 | High | 8.8 | 2021-10-05 17:20:12 | Deep Dive |
| CVE-2021-41114 | HTTP Host Header Injection in Request Handling in Typo3 | TYPO3 | typo3 | Medium | 4.8 | 2021-10-05 17:15:11 | Deep Dive |
| CVE-2021-32768 | Cross-Site Scripting via Rich-Text Content | TYPO3 | TYPO3.CMS | Medium | 6.1 | 2021-08-10 16:30:11 | Deep Dive |
| CVE-2021-32767 | Information Disclosure in User Authentication | TYPO3 | TYPO3.CMS | Medium | 5.3 | 2021-07-20 16:00:11 | Deep Dive |
| CVE-2021-32669 | Cross-Site Scripting in Backend Grid View | TYPO3 | TYPO3.CMS | Medium | 6.4 | 2021-07-20 15:35:11 | Deep Dive |
| CVE-2021-32668 | Cross-Site Scripting in Query Generator & Query View | TYPO3 | TYPO3.CMS | Medium | 6.4 | 2021-07-20 14:45:13 | Deep Dive |
| CVE-2021-32667 | Cross-Site Scripting in Page Preview | TYPO3 | TYPO3.CMS | Medium | 6.4 | 2021-07-20 14:40:11 | Deep Dive |
| CVE-2021-21359 | Denial of Service in Page Error Handling | TYPO3 | TYPO3.CMS | Medium | 5.9 | 2021-03-23 01:55:19 | Deep Dive |
| CVE-2021-21370 | Cross-Site Scripting in Content Preview (CType menu) | TYPO3 | TYPO3.CMS | Medium | 5.4 | 2021-03-23 01:55:12 | Deep Dive |
| CVE-2021-21339 | Cleartext storage of session identifier | TYPO3 | TYPO3.CMS | Medium | 5.9 | 2021-03-23 01:50:40 | Deep Dive |
| CVE-2021-21340 | Cross-Site Scripting in Content Preview | TYPO3 | TYPO3.CMS | Medium | 5.4 | 2021-03-23 01:50:34 | Deep Dive |
| CVE-2021-21355 | Unrestricted File Upload in Form Framework | TYPO3 | TYPO3.CMS | High | 8.6 | 2021-03-23 01:50:29 | Deep Dive |
| CVE-2021-21357 | Broken Access Control in Form Framework | TYPO3 | TYPO3.CMS | High | 8.3 | 2021-03-23 01:50:23 | Deep Dive |