Lucene search
GoogleOSV:GHSA-93WX-J2QV-49FGHistoryAug 23, 2023 - 6:30 a.m.
hCaptcha for EXT:form Broken Access Control vulnerability
2023-08-2306:30:17
Google
osv.dev
5
hcaptcha
ext:form
vulnerability
bypassing
captcha
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS
0.001
Percentile
43.4%
An issue was discovered in the hcaptcha (aka hCaptcha for EXT:form) extension before 2.1.2 for TYPO3. It fails to check that the required captcha field is submitted in the form data. allowing a remote user to bypass the CAPTCHA check.
Related
veracode
veracode
Improper Access Control
2023-08-25 07:22:48
cvelist
cvelist
CVE-2023-41100
2023-08-23 00:00:00
cve
cve
CVE-2023-41100
2023-08-23 06:15:09
friendsofphp
friendsofphp
prion
prion
Authentication flaw
2023-08-23 06:15:00
github
github
hCaptcha for EXT:form Broken Access Control vulnerability
2023-08-23 06:30:17
nvd
nvd
CVE-2023-41100
2023-08-23 06:15:09
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS
0.001
Percentile
43.4%
Related for OSV:GHSA-93WX-J2QV-49FG