Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-4RPV-G4GQ-RH4M
HistoryMay 17, 2022 - 3:46 a.m.

TYPO3 vulnerable to Information Disclosure via Content Editing Wizards component

2022-05-1703:46:18
Google
osv.dev
5

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

55.0%

JSON

The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 does not check permissions, which allows remote authenticated editors to read arbitrary TYPO3 table columns via unspecified parameters.

Related

cve 1
ubuntucve 1
prion 1
cvelist 1
github 1
suse 1
nessus 4
openvas 4
securityvulns 2
debian 2
typo3 1
cve
cve
CVE-2013-7073
2013-12-23 23:55:00
ubuntucve
ubuntucve
CVE-2013-7073
2013-12-23 00:00:00
prion
prion
Code injection
2013-12-23 23:55:00
cvelist
cvelist
CVE-2013-7073
2013-12-23 23:00:00
github
github
TYPO3 vulnerable to Information Disclosure via Content Editing Wizards component
2022-05-17 03:46:18
suse
suse
Important security fixes for Typo3 (important)
2016-08-10 22:09:17
nessus
nessus
openSUSE Security Update : typo3 (openSUSE-2016-959)
2016-08-12 00:00:00
openSUSE Security Update : typo3-cms-4_5 (openSUSE-2016-1022)
2016-08-30 00:00:00
openSUSE Security Update : typo3-cms-4_7 (openSUSE-2016-1002)
2016-08-22 00:00:00
openvas
openvas
openSUSE: Security Advisory for Typo3 (openSUSE-SU-2016:2025-1)
2016-08-11 00:00:00
TYPO3 Multiple Vulnerabilities (Dec 2013)
2014-01-06 00:00:00
Debian: Security Advisory (DSA-2834-1)
2013-12-31 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2834-1] typo3-src security update
2014-01-09 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2014-01-09 00:00:00
debian
debian
[SECURITY] [DSA 2834-1] typo3-src security update
2014-01-01 16:19:19
[SECURITY] [DSA 2834-1] typo3-src security update
2014-01-01 16:19:37
typo3
typo3
Multiple Vulnerabilities in TYPO3 CMS
2013-12-10 00:00:00

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

55.0%

JSON
Related for OSV:GHSA-4RPV-G4GQ-RH4M
cve1ubuntucve1prion1cvelist1github1suse1nessus4openvas4securityvulns2debian2typo31