Mittwald

mittwald

2 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-24979 1Mittwald 1Varnishcache Nov 21, 2024 Feb 19, 2022 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 An issue was discovered in the Varnishcache extension before 2.0.1 for TYPO3. The Edge Site Includes (ESI) content element renderer component does not include an access check. This allows an unauthenticated user to rende...Show more An issue was discovered in the Varnishcache extension before 2.0.1 for TYPO3. The Edge Site Includes (ESI) content element renderer component does not include an access check. This allows an unauthenticated user to render various content elements, resulting in insecure direct object reference (IDOR), with the potential of exposing internal content elements.Show less
CVE-2020-15513 1Mittwald 1Typo3 Forum Nov 21, 2024 Jul 7, 2020 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 The typo3_forum extension before 1.2.1 for TYPO3 has Incorrect Access Control.

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2022-24979

1Mittwald

1Varnishcache

Nov 21, 2024

Feb 19, 2022

N/A· v4

5.3 MEDIUM· v3

5.0 MEDIUM· v2

An issue was discovered in the Varnishcache extension before 2.0.1 for TYPO3. The Edge Site Includes (ESI) content element renderer component does not include an access check. This allows an unauthenticated user to render various content elements, resulting in insecure direct object reference (IDOR), with the potential of exposing internal content elements.Show less

CVE-2020-15513

1Mittwald

1Typo3 Forum

Nov 21, 2024

Jul 7, 2020

N/A· v4

5.3 MEDIUM· v3

5.0 MEDIUM· v2

The typo3_forum extension before 1.2.1 for TYPO3 has Incorrect Access Control.