Security Advisories - typo3/cms-backend - Packagist

typo3/cms-backend Security Advisories for v10.3.0 (5)

[MEDIUM] TYPO3 backend modules have Broken Access Control

PKSA-27mn-p368-8rxc CVE-2025-59017 GHSA-2fhw-2j7m-mr4m

Affected version: >=13.0.0,<13.4.18|>=12.0.0,<12.4.37|>=11.0.0,<11.5.48|>=10.0.0,<10.4.54|>=9.0.0,<9.5.55

Reported by:
GitHub
[LOW] Denial of Service in TYPO3 Bookmark Toolbar

PKSA-9vjc-5m3y-9mrq CVE-2024-34537 GHSA-ffcv-v6pw-qhrp

Affected version: >=10.0.0,<=10.4.45|>=11.0.0,<=11.5.39|>=12.0.0,<12.4.20|=13.0.0

Reported by:
GitHub
[LOW] Information Disclosure in TYPO3 Page Tree

PKSA-4w8t-ddwx-n1z6 CVE-2024-47780 GHSA-rf5m-h8q9-9w6q

Affected version: >=10.0.0,<10.4.46|>=11.0.0,<11.5.40|>=12.0.0,<12.4.21|>=13.0.0,<13.3.1

Reported by:
GitHub
[MEDIUM] Cross-Site Scripting in Content Preview (CType menu)

PKSA-t94y-b11s-1rg9 CVE-2021-21370 GHSA-x7hc-x7fm-f7qh

Affected version: >=11.0.0,<=11.1.0|>=10.0.0,<=10.4.13|>=9.0.0,<=9.5.24|>=8.0.0,<=8.7.39|>=7.0.0,<=7.6.50

Reported by:
GitHub
[MEDIUM] Cross-Site Scripting in Content Preview

PKSA-n961-k227-s276 CVE-2021-21340 GHSA-fjh3-g8gq-9q92

Affected version: >=11.0.0,<=11.1.0|>=10.0.0,<=10.4.13

Reported by:
GitHub