Lucene search
GoogleOSV:GHSA-5FJ8-WH3G-QVQ2HistoryMay 17, 2022 - 4:54 a.m.
TYPO3 is vulnerable to Mass Assignment in the Extension table administration library
2022-05-1704:54:37
Google
osv.dev
2
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.002 Low
EPSS
Percentile
64.2%
The creating record functionality in Extension table administration library (feuser_adminLib.inc) in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, and 6.0.0 through 6.0.11 allows remote attackers to write to arbitrary fields in the configuration database table via crafted links, aka “Mass Assignment.”
Related
cvelist
cvelist
CVE-2013-7080
2013-12-23 23:00:00
github
github
prion
prion
Design/Logic Flaw
2013-12-23 23:55:00
ubuntucve
ubuntucve
CVE-2013-7080
2013-12-23 00:00:00
openvas
openvas
TYPO3 feuser_adminLib Authorization Bypass Vulnerability
2014-01-06 00:00:00
Debian Security Advisory DSA 2834-1 (typo3-src - several vulnerabilities)
2014-01-01 00:00:00
Debian: Security Advisory (DSA-2834-1)
2013-12-31 00:00:00
cve
cve
CVE-2013-7080
2013-12-23 23:55:04
securityvulns
securityvulns
[SECURITY] [DSA 2834-1] typo3-src security update
2014-01-09 00:00:00
nessus
nessus
Debian DSA-2834-1 : typo3-src - several vulnerabilities
2014-01-02 00:00:00
debian
debian
[SECURITY] [DSA 2834-1] typo3-src security update
2014-01-01 16:19:19
[SECURITY] [DSA 2834-1] typo3-src security update
2014-01-01 16:19:19
typo3
typo3
Multiple Vulnerabilities in TYPO3 CMS
2013-12-10 00:00:00
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.002 Low
EPSS
Percentile
64.2%
Related for OSV:GHSA-5FJ8-WH3G-QVQ2