CVE-2013-1843
MEDIUM5.3EPSS 0.63%TYPO3 Open redirect vulnerability in the Access tracking mechanism
Published: 5/17/2022Modified: 11/8/2023
Also known as:GHSA-7gxq-5qqc-v3fc
Description
Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Affected packages (1)
- Packagist/typo3/cms-core>= 4.5.0, < 4.5.24
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.3 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
References (10)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2013-1843
- PATCHhttps://github.com/TYPO3-CMS/core
- WEBhttp://lists.opensuse.org/opensuse-updates/2013-03/msg00079.html
- WEBhttp://secunia.com/advisories/52433
- WEBhttp://secunia.com/advisories/52638
- WEBhttp://typo3.org/support/teamssecuritysecurity-bulletins/security-bulletins-single-view/article/sql-injection-and-open-redirection-in-typo3-core
- WEBhttp://www.debian.org/security/2013/dsa-2646
- WEBhttp://www.openwall.com/lists/oss-security/2013/03/12/3
- WEBhttp://www.osvdb.org/90924
- WEBhttp://www.securityfocus.com/bid/58330