CVE-2024-55894 – TYPO3 Cross-Site Request Forgery (CSRF) in Backend User Interface

TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery (CSRF). Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP GET and did not enforce the appropriate HTTP method. Successful […]

CVE-2024-55892 – TYPO3 URI Parser SSRF and Open Redirect Vulnerability

TYPO3 is a free and open source Content Management Framework. Applications that use `\TYPO3\CMS\Core\Http\Uri` to parse externally provided URLs (e.g., via a query parameter) and validate the host of the parsed URL may be vulnerable to open redirect or SSRF attacks if the URL is used after passing the validation checks. Users are advised to […]

CVE-2024-55891 – TYPO3 Install Tool Unprotected Password Log

The following table lists the changes that have been made to the CVE-2024-55891 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 14, 2025 Action […]

CVE-2024-53263 – Git LFS Remote Code Execution via CRLF Injection

The following table lists the changes that have been made to the CVE-2024-53263 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 14, 2025 Action […]

CVE-2024-48858 – QNX SSD Denial of Service Vulnerability

The following table lists the changes that have been made to the CVE-2024-48858 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 14, 2025 Action […]

CVE-2025-23074 – Wikimedia Foundation Mediawiki SocialProfile Extension Information Disclosure

The following table lists the changes that have been made to the CVE-2025-23074 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by c4f26cc8-17ff-4c99-b5e2-38fc1793eacc Jan. 14, 2025 Action […]

CVE-2025-23073 – Wikimedia Foundation Mediawiki GlobalBlocking Extension Sensitive Data Exposure

The following table lists the changes that have been made to the CVE-2025-23073 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by c4f26cc8-17ff-4c99-b5e2-38fc1793eacc Jan. 14, 2025 Action […]

CVE-2025-23072 – Wikimedia Foundation Mediawiki RefreshSpecial Extension Cross-Site Scripting (XSS)

The following table lists the changes that have been made to the CVE-2025-23072 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by c4f26cc8-17ff-4c99-b5e2-38fc1793eacc Jan. 14, 2025 Action […]

CVE-2025-23042 – Gradio Case-Insensitive Path Traversal Vulnerability

Gradio is an open-source Python package that allows quick building of demos and web applications for machine learning models, APIs, or any arbitrary Python function. Gradio’s Access Control List (ACL) for file paths can be bypassed by altering the letter case of a blocked file or directory path. This vulnerability arises due to the lack […]

CVE-2025-23041 – Umbraco.Forms Client-Side Validation Bypass

The following table lists the changes that have been made to the CVE-2025-23041 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 14, 2025 Action […]