Lucene search
GoogleOSV:CVE-2021-21339HistoryMar 23, 2021 - 2:15 a.m.
CVE-2021-21339
2021-03-2302:15:12
Google
osv.dev
3
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 user session identifiers were stored in cleartext - without processing of additional cryptographic hashing algorithms. This vulnerability cannot be exploited directly and occurs in combination with a chained attack - like for instance SQL injection in any other component of the system. This is fixed in versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1.
Related
cve
cve
CVE-2021-21339
2021-03-23 02:15:12
osv
osv
Cleartext storage of session identifier
2021-03-23 01:53:42
BIT-typo3-2021-21339
2024-03-06 11:11:19
cvelist
cvelist
CVE-2021-21339 Cleartext storage of session identifier
2021-03-23 01:50:40
nvd
nvd
CVE-2021-21339
2021-03-23 02:15:12
friendsofphp
friendsofphp
TYPO3-CORE-SA-2021-006: Cleartext storage of session identifier
2021-03-16 08:58:23
TYPO3-CORE-SA-2021-006: Cleartext storage of session identifier
2021-03-16 08:58:23
github
github
Cleartext storage of session identifier
2021-03-23 01:53:42
prion
prion
Sql injection
2021-03-23 02:15:00
typo3
typo3
Cleartext storage of session identifier
2021-03-16 00:00:00
veracode
veracode
Information Disclosure
2021-03-24 05:08:47
openvas
openvas