PT-2021-21357 · Typo3 · Dated News

Jo Hasenau

·

Published

2021-08-13

·

Updated

2021-08-20

·

CVE-2021-36789

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions dated news extension versions through 5.1.1 for TYPO3
Description The issue allows SQL Injection.
Recommendations For dated news extension versions through 5.1.1, update to a version that contains a fix for this issue.

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2021-36789

Affected Products

Dated News