FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

typo3 -- multiple vulnerabilities

Affected packages
typo3-11-php81 < 11.5.20
typo3-12-php81 < 12.1.2

Details

VuXML ID d9e154c9-7de9-11ed-adca-080027d3a315
Discovery 2022-12-13
Entry 2022-12-17

TYPO3 reports:

TYPO3-CORE-SA-2022-012: Denial of Service in Page Error Handling.

TYPO3-CORE-SA-2022-013: Weak Authentication in Frontend Login.

TYPO3-CORE-SA-2022-014: Insufficient Session Expiration after Password Reset.

TYPO3-CORE-SA-2022-015: Arbitrary Code Execution via Form Framework.

TYPO3-CORE-SA-2022-016: Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration.

TYPO3-CORE-SA-2022-017: By-passing Cross-Site Scripting Protection in HTML Sanitizer.

References

CVE Name CVE-2022-23499
CVE Name CVE-2022-23500
CVE Name CVE-2022-23501
CVE Name CVE-2022-23502
CVE Name CVE-2022-23503
CVE Name CVE-2022-23504
URL https://typo3.org/article/typo3-1211-11520-and-10433-security-releases-published