TYPO3 Backend Unspecified CSRF Vulnerability Network Vulnerability

Summary

This host is installed with TYPO3 and is prone to cross site request forgery vulnerability.

Impact

Successful exploitation will allow remote attackers to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities. Impact Level: Application

Solution

Upgrade to TYPO3 version 4.5 or later, for updates http://typo3.org/

Insight

An error exist in typo3 backend, which is caused by improper validation of user supplied input.

Affected

TYPO3 version 4.2.x to 4.2.16, 4.3.x to 4.3.9, and 4.4.x to 4.4.5

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://osvdb.org/70893
http://xforce.iss.net/xforce/xfdb/65387

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Aker Secure Mail Gateway Cross-Site Scripting Vulnerability
Apache Tomcat RemoteFilterValve Security Bypass Vulnerability
Apache Rave User Information Disclosure Vulnerability
@Mail WebMail Email Body HTML Injection Vulnerability
AlienForm CGI script

Take action and discover your vulnerabilities