Weak Authentication in Session Handling in typo3/cms-core:
In TYPO3 installations there are always
at least two different sites, e.g. first.example.org and
second.example.com. In affected versions a session cookie
generated for the first site can be reused on the second site
without requiring additional authentication. This
vulnerability has been addressed in versions 8.7.55, 9.5.44,
10.4.41, 11.5.33, and 12.4.8. Users are advised to upgrade.
There are no known workarounds for this vulnerability.

Information Disclosure in Install Tool in typo3/cms-install:
In affected versions the login screen of the standalone
install tool discloses the full path of the transient data
directory (e.g. /var/www/html/var/transient/). This applies
to composer-based scenarios only - classic non-composer
installations are not affected. This issue has been addressed
in version 12.4.8. Users are advised to upgrade. There are
no known workarounds for this vulnerability.

By-passing Cross-Site Scripting Protection in HTML Sanitizer:
In affected versions DOM processing instructions are not
handled correctly. This allows bypassing the cross-site
scripting mechanism of typo3/html-sanitizer. This
vulnerability has been addressed in versions 1.5.3 and 2.1.4.
Users are advised to upgrade. There are no known workarounds
for this vulnerability.
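
To check a composer-based installation against the fixed releases listed above, the following added example (not part of the advisory or of TYPO3) reads a composer.lock file and classifies the three packages. It assumes that every release below the fix within the same major branch is affected, since the advisory gives no lower bounds; the function names and the sample lock file are constructed for illustration.

```python
import json

# Fixed releases quoted in the advisory text above, keyed by Composer package
# and major branch.
FIXED = {
    "typo3/cms-core": {8: (8, 7, 55), 9: (9, 5, 44), 10: (10, 4, 41),
                       11: (11, 5, 33), 12: (12, 4, 8)},
    "typo3/cms-install": {12: (12, 4, 8)},
    "typo3/html-sanitizer": {1: (1, 5, 3), 2: (2, 1, 4)},
}

def parse_version(text):
    """Turn 'v11.5.30' or '12.4.8' into (11, 5, 30); None for dev/branch refs."""
    parts = text.lstrip("vV").split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def classify(name, version_text):
    """Return 'fixed', 'upgrade', or 'unlisted' for one locked package."""
    version = parse_version(version_text)
    branches = FIXED.get(name)
    if branches is None or version is None or version[0] not in branches:
        return "unlisted"  # the advisory names no fixed release for this branch
    # Assumption: every release below the fix in the same major branch is affected.
    return "fixed" if version >= branches[version[0]] else "upgrade"

def audit_lock(lock_text):
    """Map each advisory package found in composer.lock to (version, status)."""
    lock = json.loads(lock_text)
    result = {}
    for pkg in lock.get("packages", []) + lock.get("packages-dev", []):
        if pkg.get("name") in FIXED:
            result[pkg["name"]] = (pkg["version"],
                                   classify(pkg["name"], pkg["version"]))
    return result

# Constructed sample lock file (not from a real project).
SAMPLE_LOCK = json.dumps({"packages": [
    {"name": "typo3/cms-core", "version": "v11.5.30"},
    {"name": "typo3/cms-install", "version": "v11.5.30"},
    {"name": "typo3/html-sanitizer", "version": "v2.1.4"},
    {"name": "psr/log", "version": "1.1.4"},
]})

if __name__ == "__main__":
    for name, (version, status) in audit_lock(SAMPLE_LOCK).items():
        print(f"{name} {version}: {status}")
```

A result of "unlisted" means the advisory text names no fixed release for that package's major branch, so the status has to be confirmed against the vendor's own bulletin.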