Known Vulnerabilities for products from Typo3
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Typo3".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-49742 json | Not Provided | 2026-06-09 | 2026-06-09 | |
| CVE-2026-49741 json | Not Provided | 2026-06-09 | 2026-06-09 | |
| CVE-2026-49740 json | Not Provided | 2026-06-09 | 2026-06-09 | |
| CVE-2026-49738 json | Not Provided | 2026-06-09 | 2026-06-09 | |
| CVE-2026-47352 json | Not Provided | 2026-06-09 | 2026-06-09 | |
| CVE-2026-47351 json | Not Provided | 2026-06-09 | 2026-06-09 | |
| CVE-2026-47350 json | Not Provided | 2026-06-09 | 2026-06-09 | |
| CVE-2026-47349 json | Not Provided | 2026-06-09 | 2026-06-09 | |
| CVE-2026-47348 json | Not Provided | 2026-06-09 | 2026-06-09 | |
| CVE-2026-47347 json | Not Provided | 2026-06-09 | 2026-06-09 | |
| CVE-2026-6553 json | Changing backend users' passwords via the user settings module results in storing the cleartext password in the uc and user_s... | Not Provided | 2026-04-21 | 2026-05-05 |
| CVE-2023-47127 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.4 - MEDIUM | 2023-11-14 | 2023-11-21 |
| CVE-2023-47126 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.3 - MEDIUM | 2023-11-14 | 2023-11-21 |
| CVE-2023-47125 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.1 - MEDIUM | 2023-11-14 | 2023-11-21 |
| CVE-2023-38500 json | TYPO3 HTML Sanitizer is an HTML sanitizer, written in PHP, aiming to provide cross-site-scripting-safe markup based on explic... | 6.1 - MEDIUM | 2023-07-25 | 2023-08-02 |
| CVE-2023-38499 json | TYPO3 is an open source PHP based web content management system. Starting in version 9.4.0 and prior to versions 9.5.42 ELTS,... | 5.3 - MEDIUM | 2023-07-25 | 2023-08-02 |
| CVE-2023-30451 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 4.9 - MEDIUM | 2023-12-25 | 2024-01-03 |
| CVE-2023-24814 json | TYPO3 is a free and open source Content Management Framework released under the GNU General Public License. In affected versi... | 6.1 - MEDIUM | 2023-02-07 | 2023-02-16 |
| CVE-2022-36108 json | TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that the `... | 6.1 - MEDIUM | 2022-09-13 | 2022-09-16 |
| CVE-2022-36107 json | TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that the `... | 5.4 - MEDIUM | 2022-09-13 | 2022-09-16 |
Known software with vulnerabilities from Typo3
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Typo3 | Flow | 1.0.0 |
| Application | Typo3 | Fluid | 1.0.0 |
| Application | Typo3 | Fluid Engine | 1.0.0 |
| Application | Typo3 | Mediace | 7.6.0 |
| Application | Typo3 | Neos | 1.1.0 |
| Application | Typo3 | Pharstreamwrapper | 1.0.0 |
| Application | Typo3 | Svg Sanitizer | 1.0.0 |
| Application | Typo3 | Typo3 | - |