CVE-2013-7081

EPSS 0.17%

TYPO3 Improper Access Control vulnerability

Published: 5/17/2022Modified: 11/8/2023

Description

The (old) Form Content Element component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated editors to generate arbitrary HMAC signatures and bypass intended access restrictions via unspecified vectors.

Affected packages (1)

Packagist/typo3/cms-core>= 4.5.0, < 4.5.31

References (5)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2013-7081
PATCHhttps://github.com/TYPO3-CMS/core
WEBhttp://seclists.org/oss-sec/2013/q4/473
WEBhttp://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004
WEBhttp://www.debian.org/security/2014/dsa-2834