GHSA-744g-7qm9-hjh9: The TYPO3 CMS Backend has Broken Authentication in Backend MFA

GHSA-6frx-j292-c844: TYPO3 Allows Privilege Escalation to System Maintainer

GHSA-9hq9-cr36-4wpj: TYPO3 Allows Unrestricted File Upload in File Abstraction Layer

GHSA-3jrg-97f3-rqh9: TYPO3 Unverified Password Change for Backend Users

GHSA-x8pv-fgxp-8v3x: TYPO3 Allows Information Disclosure via DBAL Restriction Handling

The /proxy route allows a user to proxy arbitrary urls including potential internal endpoints.

**gradio Server-Side Request Forgery vulnerability**

High severity GitHub Reviewed Published Mar 27, 2024 to the GitHub Advisory Database • Updated Mar 27, 2024

Headline

GHSA-r364-m2j9-mf4h: gradio Server-Side Request Forgery vulnerability

ghsa: Latest News