EPSS
Percentile
56.9%
Typo3 is vulnerable to link spoofing. If a homepage is set with links that contain anchor only links, a malicious user can pass a request to the application to modify these links to point to a malicious link.
lists.opensuse.org/opensuse-updates/2016-08/msg00106.html
typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/