RSS   Vulnerabilities for 'Dated news'   RSS

2021-08-13
 
CVE-2021-36789

CWE-89
 

 
The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows SQL Injection.

 
 
CVE-2021-36790

CWE-79
 

 
The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows XSS.

 
 
CVE-2021-36791

CWE-668
 

 
The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows Information Disclosure of application registration data.

 
 
CVE-2021-36792

NVD-CWE-noinfo
 

 
The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 has incorrect Access Control for confirming various applications.

 


Copyright 2024, cxsecurity.com

 

Back to Top