Security Advisories - typo3/cms

typo3/cms Security Advisories for v7.6.24 (10)

[MEDIUM] Typo3 XSS Vulnerability

PKSA-j487-wgb6-g37w CVE-2018-6905 GHSA-3w22-wrwx-2r75

Affected version: <9.2.0

Reported by:
GitHub
[MEDIUM] Information Disclosure in Install Tool

PKSA-t1pf-cbfj-xyc5 GHSA-75mx-chcf-2q32

Affected version: >=7.0.0,<7.6.32|>=8.0.0,<8.7.21|>=9.0.0,<9.5.2

Reported by:
GitHub, FriendsOfPHP/security-advisories
[HIGH] Denial of Service in Online Media Asset Handling

PKSA-41jf-hqcz-2mxn GHSA-9895-53fc-98v2

Affected version: >=7.0.0,<7.6.32|>=8.0.0,<8.7.21|>=9.0.0,<9.5.2

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] Cross-Site Scripting in Online Media Asset Rendering

PKSA-94ws-swjq-dm6m GHSA-3jxq-5xhh-9jr3

Affected version: >=7.0.0,<7.6.32|>=8.0.0,<8.7.21|>=9.0.0,<9.5.2

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] Cross-Site Scripting in Backend Modal Component

PKSA-qzm7-ztqf-vx98 GHSA-86r8-4g3w-7xjp

Affected version: >=7.0.0,<7.6.32|>=8.0.0,<8.7.21|>=9.0.0,<9.5.2

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] Denial of Service in Frontend Record Registration

PKSA-6wyc-z3gy-thx1 GHSA-g46h-v2cc-6c94

Affected version: >=7.0.0,<7.6.32|>=8.0.0,<8.7.21

Reported by:
GitHub, FriendsOfPHP/security-advisories
[HIGH] Security Misconfiguration in Install Tool Cookie

PKSA-99fq-1t5c-yckv GHSA-ppgf-8745-8pgx

Affected version: >=7.0.0,<7.6.32|>=8.0.0,<8.7.21|>=9.0.0,<9.5.2

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] Cross-Site Scripting in Frontend User Login

PKSA-j1v4-rzqw-fkx7 GHSA-772m-43f3-hmf8

Affected version: >=7.0.0,<7.6.32|>=8.0.0,<8.7.21|>=9.0.0,<9.5.2

Reported by:
GitHub, FriendsOfPHP/security-advisories
[MEDIUM] Insecure Deserialization & Arbitrary Code Execution in TYPO3 CMS

PKSA-z3s2-rzbm-sz8q GHSA-f5rr-9r84-wwqf

Affected version: >=7.0.0,<7.6.30|>=8.0.0,<8.7.17|>=9.0.0,<9.3.2

Reported by:
GitHub, FriendsOfPHP/security-advisories
[HIGH] Authentication Bypass in TYPO3 CMS

PKSA-b9qm-1gk1-gg53 GHSA-f777-f784-36gm

Affected version: >=7.0.0,<7.6.30|>=8.0.0,<8.7.17|>=9.0.0,<9.3.2

Reported by:
GitHub, FriendsOfPHP/security-advisories

typo3/cms Security Advisories for v7.6.24 (10)

[MEDIUM] Typo3 XSS Vulnerability

[MEDIUM] Information Disclosure in Install Tool

[HIGH] Denial of Service in Online Media Asset Handling

[MEDIUM] Cross-Site Scripting in Online Media Asset Rendering

[MEDIUM] Cross-Site Scripting in Backend Modal Component

[MEDIUM] Denial of Service in Frontend Record Registration

[HIGH] Security Misconfiguration in Install Tool Cookie

[MEDIUM] Cross-Site Scripting in Frontend User Login

[MEDIUM] Insecure Deserialization & Arbitrary Code Execution in TYPO3 CMS

[HIGH] Authentication Bypass in TYPO3 CMS