CVE-2012-3529

EPSS 0.37%

Typo3 Backend Configuration XSS Vulnerability

發布日:2022/5/17修改日:2024/1/12

描述

The configuration module in the backend in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to obtain the encryption key via unspecified vectors.

受影響套件(1)

Packagist/typo3/cms>= 4.5, < 4.5.19

參考連結(5)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2012-3529
WEBhttps://exchange.xforce.ibmcloud.com/vulnerabilities/77793
WEBhttp://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004
WEBhttp://www.debian.org/security/2012/dsa-2537
WEBhttp://www.openwall.com/lists/oss-security/2012/08/22/8