Description
The creating record functionality in Extension table administration library (feuser_adminLib.inc) in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, and 6.0.0 through 6.0.11 allows remote attackers to write to arbitrary fields in the configuration database table via crafted links, aka "Mass Assignment."
Remediation
References
Related Vulnerabilities
WordPress Plugin Social Login Lite For WooCommerce Security Bypass (1.6.0)
WordPress Plugin Social Essentials-Social Stats and Sharing Buttons Cross-Site Scripting (1.3.1)
OpenSSL Improper Certificate Validation Vulnerability (CVE-2023-0464)
WordPress Plugin WP Infusionsoft WooCommerce Cross-Site Scripting (1.0.8)