CVE-2013-1843
MEDIUM5.3EPSS 0.63%TYPO3 Open redirect vulnerability in the Access tracking mechanism
發布日:2022/5/17修改日:2023/11/8
描述
Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
受影響套件(1)
- Packagist/typo3/cms-core>= 4.5.0, < 4.5.24
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.3 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
參考連結(10)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2013-1843
- PATCHhttps://github.com/TYPO3-CMS/core
- WEBhttp://lists.opensuse.org/opensuse-updates/2013-03/msg00079.html
- WEBhttp://secunia.com/advisories/52433
- WEBhttp://secunia.com/advisories/52638
- WEBhttp://typo3.org/support/teamssecuritysecurity-bulletins/security-bulletins-single-view/article/sql-injection-and-open-redirection-in-typo3-core
- WEBhttp://www.debian.org/security/2013/dsa-2646
- WEBhttp://www.openwall.com/lists/oss-security/2013/03/12/3
- WEBhttp://www.osvdb.org/90924
- WEBhttp://www.securityfocus.com/bid/58330