WEB APPLICATION VULNERABILITIES Standard & Premium

TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7081)

Description

The (old) Form Content Element component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated editors to generate arbitrary HMAC signatures and bypass intended access restrictions via unspecified vectors.

Remediation

References

Related Vulnerabilities

Nginx Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9516)

WordPress Other Vulnerability (CVE-2007-0233)

WordPress Plugin Custom Login Page Customizer-LoginPress Unspecified Vulnerability (1.1.15)

Apache HTTP Server Other Vulnerability (CVE-2003-0192)

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5714)

Severity

Medium

Classification

CVE-2013-7081 CWE-264

Tags

Missing Update Known Vulnerabilities