CVE-2013-7081

EPSS 0.17%

TYPO3 Improper Access Control vulnerability

發布日:2022/5/17修改日:2023/11/8

描述

The (old) Form Content Element component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated editors to generate arbitrary HMAC signatures and bypass intended access restrictions via unspecified vectors.

受影響套件(1)

Packagist/typo3/cms-core>= 4.5.0, < 4.5.31

參考連結(5)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2013-7081
PATCHhttps://github.com/TYPO3-CMS/core
WEBhttp://seclists.org/oss-sec/2013/q4/473
WEBhttp://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004
WEBhttp://www.debian.org/security/2014/dsa-2834