Vulnerabilities (CVE)

Filtered by vendor Dated News Project Subscribe
Filtered by product Dated News
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-36791 1 Dated News Project 1 Dated News 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows Information Disclosure of application registration data.
CVE-2021-36790 1 Dated News Project 1 Dated News 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows XSS.
CVE-2021-36789 1 Dated News Project 1 Dated News 2024-02-28 7.5 HIGH 9.8 CRITICAL
The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows SQL Injection.
CVE-2021-36792 1 Dated News Project 1 Dated News 2024-02-28 6.4 MEDIUM 7.2 HIGH
The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 has incorrect Access Control for confirming various applications.