CVE-2021-36792 — CVSS 7.2 (high): The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 has incorrect Access Control for confirming various applications.
CVE-2021-36791 — CVSS 5.3 (medium): The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows Information Disclosure of application registration data.