georgringer/news
Packagist2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting georgringer/newspage 1 of 1
- CVE-2013-4748NONECVSS 0.0EG 0.0✓ Fixed in 1.3.32013-07-01
SQL injection vulnerability in the News system (news) extension before 1.3.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
- CVE-2026-8726HIGHCVSS 8.2EG 8.2✓ Fixed in 11.4.42026-05-19
vulnerable: 11.0.0 ... 11.4.3 (10 versions)
The extension fails to properly sanitize user input before using it in a database query. As a result, an unauthenticated attacker can inject arbitrary SQL through a URL parameter on pages using the "Date Menu of news articles" plugin. Expl…
Check whether georgringer/news is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for georgringer/news CVEs against the assets you own.
Start Free Scan →