Cleartext storage of session identifier

🗓️ 23 Mar 2021 01:53:42Reported by GitHub Advisory DatabaseType

Cleartext storage of session identifier vulnerability in TYPO

Reporter	Title	Published	Views	Family All 19
ATTACKERKB	CVE-2021-21339	23 Mar 202102:15	–	attackerkb
Circl	CVE-2021-21339	23 Mar 202106:38	–	circl
CNNVD	TYPO3 跨站脚本漏洞	16 Mar 202100:00	–	cnnvd
CNVD	TYPO3 Information Disclosure Vulnerability (CNVD-2021-26146)	17 Mar 202100:00	–	cnvd
CVE	CVE-2021-21339	23 Mar 202101:50	–	cve
Cvelist	CVE-2021-21339 Cleartext storage of session identifier	23 Mar 202101:50	–	cvelist
EUVD	EUVD-2021-0702	7 Oct 202500:30	–	euvd
Friends Of PHP	TYPO3-CORE-SA-2021-006: Cleartext storage of session identifier	16 Mar 202108:58	–	friendsofphp
Friends Of PHP	TYPO3-CORE-SA-2021-006: Cleartext storage of session identifier	16 Mar 202108:58	–	friendsofphp
NCSC	Vulnerabilities fixed in TYPO3	16 Mar 202100:00	–	ncsc

Vulners

Node

typo3 cms-coreRange9.0.0–9.5.25composer

typo3 cms-coreRange11.0.0–11.1.1composer

typo3 cms-coreRange10.0.0–10.4.14composer

typo3 cms-coreRange8.0.0–8.7.39composer

typo3 cms-coreRange7.0.0–7.6.50composer

typo3 cms-coreRange6.2.0–6.2.56composer

Source	Link
github	www.github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-qx3w-4864-94ch
packagist	www.packagist.org/packages/typo3/cms-core
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-21339
typo3	www.typo3.org/security/advisory/typo3-core-sa-2021-006
github	www.github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2021-21339.yaml
github	www.github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2021-21339.yaml
github	www.github.com/advisories/GHSA-qx3w-4864-94ch

02 Feb 2024 16:46Current

1.7Low risk

Vulners AI Score1.7

CVSS 25

CVSS 3.15.9 - 7.5

EPSS0.00132