Description
SQL injection vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to execute arbitrary SQL commands via unspecified vectors.
Remediation
References
Related Vulnerabilities
Atlassian Jira Missing Authentication for Critical Function Vulnerability (CVE-2019-8449)
WordPress Plugin PDF Flipbook, 3D Flipbook WordPress-DearFlip Cross-Site Scripting (1.7.9)
Django URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-7233)
WordPress Plugin Chamber Dashboard Member Manager Cross-Site Scripting (2.0.5)