Kien Hoang

#8988of 53,634
30.4Total CVSS
Vulnerabilities · 4
Medium
2
High
2
PT-2022-20488
6.5
2022-06-14
Typo3 · Typo3 · CVE-2022-31050
**Name of the Vulnerable Software and Affected Versions** TYPO3 versions prior to 9.5.34 ELTS TYPO3 versions prior to 10.4.29 TYPO3 versions prior to 11.5.11 **Description** The issue concerns Admin Tool sessions in the TYPO3 backend user interface that were not revoked even if the corresponding user account was degraded to lower permissions or disabled completely, potentially allowing sessions to be prolonged without limit. **Recommendations** Update to TYPO3 version 9.5.34 ELTS or later Update to TYPO3 version 10.4.29 or later Update to TYPO3 version 11.5.11 or later
PT-2021-14468
9.0
2021-03-26
Unknown · Buddypress · CVE-2021-21389
**Name of the Vulnerable Software and Affected Versions** BuddyPress versions 5.0.0 through 7.2.0 **Description** A non-privileged, regular user can obtain administrator rights by exploiting an issue in the REST API members endpoint. **Recommendations** For BuddyPress versions 5.0.0 through 7.2.0, update to version 7.2.1 to mitigate the issue.
PT-2020-16136
6.1
2020-12-09
Moodle · Moodle · CVE-2020-25627
**Name of the Vulnerable Software and Affected Versions** Moodle versions 3.9 through 3.9.1 **Description** The issue concerns a stored XSS risk due to insufficient sanitizing in the moodlenetprofile user profile field. This poses a risk as it can lead to the execution of malicious scripts stored in the user's profile. The estimated number of potentially affected devices worldwide is not specified. Details about real-world incidents where this issue was exploited are not provided. **Recommendations** For versions 3.9 through 3.9.1, update to version 3.9.2 to resolve the issue. At the moment, there is no other information about additional mitigation measures for this vulnerability.
PT-2022-8563
8.8
2020-10-15
Moodle · Moodle · CVE-2020-14321
**Name of the Vulnerable Software and Affected Versions** Moodle versions prior to 3.9.1 Moodle versions prior to 3.8.4 Moodle versions prior to 3.7.7 Moodle versions prior to 3.5.13 **Description** The issue allows teachers of a course to assign themselves the manager role within that course. **Recommendations** For versions prior to 3.9.1, update to version 3.9.1 or later. For versions prior to 3.8.4, update to version 3.8.4 or later. For versions prior to 3.7.7, update to version 3.7.7 or later. For versions prior to 3.5.13, update to version 3.5.13 or later.