Lucene search

K
cveMitreCVE-2020-25025
HistorySep 02, 2020 - 5:15 p.m.

CVE-2020-25025

2020-09-0217:15:12
CWE-863
mitre
web.nvd.nist.gov
45
l10nmgr
typo3
information disclosure
cve-2020-25025
nvd

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

4.5

Confidence

High

EPSS

0.001

Percentile

22.7%

The l10nmgr (aka Localization Manager) extension before 7.4.0, 8.x before 8.7.0, and 9.x before 9.2.0 for TYPO3 allows Information Disclosure (translatable fields).

Affected configurations

Nvd
Node
localization_manager_projectlocalization_managerRange<7.4.0typo3
OR
localization_manager_projectlocalization_managerRange8.0.08.7.0typo3
OR
localization_manager_projectlocalization_managerRange9.0.09.2.0typo3
VendorProductVersionCPE
localization_manager_projectlocalization_manager*cpe:2.3:a:localization_manager_project:localization_manager:*:*:*:*:*:typo3:*:*

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

4.5

Confidence

High

EPSS

0.001

Percentile

22.7%

Related for CVE-2020-25025