Filtered by vendor Dated News Project Subscriptions
Total 4 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-36792 1 Dated News Project 1 Dated News 2024-11-21 7.2 High
The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 has incorrect Access Control for confirming various applications.
CVE-2021-36791 1 Dated News Project 1 Dated News 2024-11-21 5.3 Medium
The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows Information Disclosure of application registration data.
CVE-2021-36790 1 Dated News Project 1 Dated News 2024-11-21 6.1 Medium
The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows XSS.
CVE-2021-36789 1 Dated News Project 1 Dated News 2024-11-21 9.8 Critical
The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows SQL Injection.