Description
The configuration module in the backend in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to obtain the encryption key via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin Subscriptions & Memberships for PayPal Cross-Site Scripting (1.1.2)
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3427)
PostgreSQL 7PK - Security Features Vulnerability (CVE-2016-2193)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4408)