typo3/cms-form Security Advisories for v10.4.11 (4)
-
[MEDIUM] TYPO3 Form Framework Module vulnerable to Cross-Site Request Forgery
PKSA-p6ct-pkr6-phmf CVE-2024-55922 GHSA-ww7h-g2qf-7xv6
Affected version: >=13.0.0,<=13.4.2|>=12.0.0,<=12.4.24|>=11.0.0,<=11.5.41|>=10.0.0,<=10.4.47
Reported by:
GitHub -
[MEDIUM] Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in typo3/cms-form
PKSA-yhyy-7dgg-qhcw CVE-2021-21358 GHSA-x79j-wgqv-g8h2
Affected version: >=11.0.0,<=11.1.0|>=10.2.0,<=10.4.13
Reported by:
GitHub -
[HIGH] Broken Access Control in Form Framework
PKSA-4b8g-5w89-fbw3 CVE-2021-21357 GHSA-3vg7-jw9m-pc3f
Affected version: >=11.0.0,<=11.1.0|>=10.0.0,<=10.4.13|>=9.0.0,<=9.5.24|>=8.0.0,<=8.7.39
Reported by:
GitHub -
[HIGH] Unrestricted File Upload in Form Framework
PKSA-nkrd-9vf5-fnjp CVE-2021-21355 GHSA-2r6j-862c-m2v2
Affected version: >=11.0.0,<=11.1.0|>=10.0.0,<=10.4.13|>=9.0.0,<=9.5.24|>=8.0.0,<=8.7.39
Reported by:
GitHub