Description

TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allows remote attackers to have unspecified impact via a crafted HTTP Host header, related to "Host Spoofing."

Remediation

References

CVE-2014-3941

Related Vulnerabilities

WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor Cross-Site Scripting (3.6.7)

WordPress 'post.php' Cross-Site Scripting Vulnerability (1.5)

WordPress Plugin JSON API User Privilege Escalation (3.9.3)

Oracle JRE CVE-2023-21954 Vulnerability (CVE-2023-21954)

Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-18113)

Severity

Medium

Classification

CVE-2014-3941 CWE-20

Tags

Missing Update Known Vulnerabilities