WEB APPLICATION VULNERABILITIES Standard & Premium

TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7081)

Description

The (old) Form Content Element component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated editors to generate arbitrary HMAC signatures and bypass intended access restrictions via unspecified vectors.

Remediation

References

Related Vulnerabilities

Joomla! Core 1.6.0 Spam (1.6.0)

WordPress Plugin WordPress Download Manager Cross-Site Scripting (2.9.51)

WordPress Plugin Simple Slider 'New Image' Field Cross-Site Scripting (1.0)

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7984)

WordPress Plugin Social Auto Poster-WordPress Scheduler & Marketing Cross-Site Scripting (5.3.14)

Severity

Medium

Classification

CVE-2013-7081 CWE-264

Tags

Missing Update Known Vulnerabilities