Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

CMS

TYPO3

TYPO3 is a free Open Source content management system for enterprise purposes on the web and in intranets. It offers full flexibility and extendability while featuring an accomplished set of ready-made interfaces functions and modules.

Official Site:

https://typo3.org/

Severity Summary:

Critical: 5 High: 41 Medium: 151 Low: 20
Reference
Title
Severity
CVE-2009-3631
TYPO3 Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2025-59022
TYPO3 Missing Authorization Vulnerability
High
CVE-2026-0859
TYPO3 Deserialization of Untrusted Data Vulnerability
High
CVE-2019-19850
TYPO3 Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2019-19849
TYPO3 Deserialization of Untrusted Data Vulnerability
High
CVE-2019-19848
TYPO3 Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
CVE-2024-22188
TYPO3 Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2019-11832
TYPO3 Improper Input Validation Vulnerability
High
CVE-2017-14251
TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2025-59017
TYPO3 Missing Authorization Vulnerability
High
CVE-2020-15098
TYPO3 Deserialization of Untrusted Data Vulnerability
High
CVE-2020-26228
TYPO3 Cleartext Storage of Sensitive Information Vulnerability
High
CVE-2010-3714
TYPO3 Permissions Privileges and Access Controls Vulnerability
High
CVE-2013-1842
TYPO3 Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2021-41113
TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2016-5091
TYPO3 7PK - Security Features Vulnerability
High
CVE-2021-41114
TYPO3 Improper Neutralization of HTTP Headers for Scripting Syntax Vulnerability
Medium
CVE-2021-32767
TYPO3 Insertion of Sensitive Information into Log File Vulnerability
Medium
CVE-2022-31047
TYPO3 Insertion of Sensitive Information into Log File Vulnerability
Medium
CVE-2021-32669
TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-21338
TYPO3 URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Medium
CVE-2021-32668
TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-32768
TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-32667
TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-21365
TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2008-2717
TYPO3 Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2021-21340
TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-21358
TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-21370
TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2006-0327
TYPO3 Other Vulnerability
Medium