Description

The (old) Form Content Element component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated editors to generate arbitrary HMAC signatures and bypass intended access restrictions via unspecified vectors.

Remediation

References

CVE-2013-7081

Related Vulnerabilities

WordPress Plugin uTubeVideo Gallery Cross-Site Scripting (2.0.7)

WordPress Plugin WP Prayer Cross-Site Scripting (1.6.1)

WordPress Plugin EZ Google Analytics Cross-Site Scripting (4.1.06)

SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-1024)

WordPress Plugin Work The Flow File Upload Arbitrary File Upload (2.3.1)

Severity

Medium

Classification

CVE-2013-7081 CWE-264

Tags

Missing Update Known Vulnerabilities