Lucene search
GoogleOSV:GHSA-4R76-XR68-W7M7HistoryMay 30, 2024 - 9:02 p.m.
TYPO3 may allow editors to change, create, or delete metadata of files not within their file mounts
2024-05-3021:02:59
Google
osv.dev
1
typo3
editors
metadata
file mounts
security vulnerability
7.1 High
AI Score
Confidence
Low
It has been discovered, that editors with access to file meta data table could change, create or delete metadata of files which are not within their file mounts.
References
github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2015-07-01-1.yaml
github.com/TYPO3/typo3
github.com/TYPO3/typo3/commit/0decbf83c531cab77497429eb2edecf9a1038b25
github.com/TYPO3/typo3/commit/bff9fa5945801d1d2c641ddc8eb86c6647549d80
typo3.org/security/advisory/typo3-core-sa-2015-002
typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-002
7.1 High
AI Score
Confidence
Low