Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

CMS

TYPO3

TYPO3 is a free Open Source content management system for enterprise purposes on the web and in intranets. It offers full flexibility and extendability while featuring an accomplished set of ready-made interfaces functions and modules.

Official Site:

https://typo3.org/

Severity Summary:

Critical: 5 High: 41 Medium: 151 Low: 20
Reference
Title
Severity
CVE-2007-6381
TYPO3 Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Medium
CVE-2008-2718
TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2008-5644
TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2008-5656
TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2009-0255
TYPO3 Cryptographic Issues Vulnerability
Medium
CVE-2009-0257
TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2009-0815
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2009-0816
TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2008-6699
TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2009-3628
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2009-3630
TYPO3 Other Vulnerability
Medium
CVE-2022-31046
TYPO3 Cleartext Transmission of Sensitive Information Vulnerability
Medium
CVE-2023-38499
TYPO3 Vulnerability
Medium
CVE-2022-31049
TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-34356
TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-55893
TYPO3 Exposed Dangerous Method or Function Vulnerability
Medium
CVE-2024-55892
TYPO3 URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Medium
CVE-2024-55891
TYPO3 Insertion of Sensitive Information into Log File Vulnerability
Medium
CVE-2025-47937
TYPO3 Incorrect Authorization Vulnerability
Medium
CVE-2025-47936
TYPO3 Server-Side Request Forgery (SSRF) Vulnerability
Medium
CVE-2024-47780
TYPO3 Incorrect Authorization Vulnerability
Medium
CVE-2024-34537
TYPO3 Vulnerability
Medium
CVE-2024-34358
TYPO3 Allocation of Resources Without Limits or Throttling Vulnerability
Medium
CVE-2024-34357
TYPO3 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-55920
TYPO3 Exposed Dangerous Method or Function Vulnerability
Medium
CVE-2025-47939
TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability
Medium
CVE-2025-59019
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2025-59018
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2025-59016
TYPO3 Generation of Error Message Containing Sensitive Information Vulnerability
Medium
CVE-2025-59015
TYPO3 Insufficient Entropy Vulnerability
Medium