CVE-2012-3529
EPSS 0.37%Typo3 Backend Configuration XSS Vulnerability
Published: 5/17/2022Modified: 1/12/2024
Also known as:GHSA-7gg8-3r6j-5g55
Description
The configuration module in the backend in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to obtain the encryption key via unspecified vectors.
Affected packages (1)
- Packagist/typo3/cms>= 4.5, < 4.5.19
References (5)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2012-3529
- WEBhttps://exchange.xforce.ibmcloud.com/vulnerabilities/77793
- WEBhttp://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004
- WEBhttp://www.debian.org/security/2012/dsa-2537
- WEBhttp://www.openwall.com/lists/oss-security/2012/08/22/8