TYPO3 Remote File Disclosure vulnerability in the jumpUrl mechanism

🗓️ 17 May 2022 05:28:57Reported by GitHub Advisory DatabaseType

github

github🔗 github.com👁 34 Views

TYPO3 jumpUrl mechanism Remote File Disclosur

Reporter	Title	Published	Views	Family All 25
0day.today	TYPO3 Unauthenticated Arbitrary File Retrieval	30 Dec 201000:00	–	zdt
Circl	CVE-2010-3714	29 May 201815:50	–	circl
CVE	CVE-2010-3714	25 Oct 201019:00	–	cve
Cvelist	CVE-2010-3714	25 Oct 201019:00	–	cvelist
Debian	[SECURITY] [DSA 2121-1] New TYPO3 packages fix several vulnerabilities	19 Oct 201020:07	–	debian
Tenable Nessus	Debian DSA-2121-1 : typo3-src - several vulnerabilities	20 Oct 201000:00	–	nessus
Exploit DB	TYPO3 - Arbitrary File Retrieval	29 Dec 201000:00	–	exploitdb
exploitpack	TYPO3 - Arbitrary File Retrieval	29 Dec 201000:00	–	exploitpack
Metasploit	TYPO3 sa-2010-020 Remote File Disclosure	7 Nov 201117:34	–	metasploit
NVD	CVE-2010-3714	25 Oct 201020:01	–	nvd

Vulners

Node

typo3 cms_poll_system_extensionRange4.4.0–4.4.4composer

OR

typo3 cms_poll_system_extensionRange4.3.0–4.3.7composer

OR

typo3 cms_poll_system_extensionRange4.2.0–4.2.15composer

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2010-3714
blog	www.blog.nibblesec.org/2010/12/typo3-sa-2010-020-typo3-sa-2010-022.html
typo3	www.typo3.org/teams/security/security-bulletins/typo3-sa-2010-020/
debian	www.debian.org/security/2010/dsa-2121
exploit-db	www.exploit-db.com/exploits/15856
github	www.github.com/TYPO3/typo3/commit/687b671c765eac10ffb764547bb403ac3ef55620
github	www.github.com/TYPO3/typo3/commit/a8ccd387cafd2c2c338fc29109c16418f7657229
github	www.github.com/TYPO3/typo3/commit/d95f06f633fd2c289b544f6d5907b789eae6cccb
web	www.web.archive.org/web/20111220151231/http://www.securityfocus.com/bid/43786
github	www.github.com/advisories/GHSA-w736-qv86-vq94

07 Feb 2024 23:57Current

6.8Medium risk

Vulners AI Score6.8

CVSS 27.1

EPSS0.33647

typo3 jumpurl remote file disclosure access tracking mechanism