Lucene search
PRIOn knowledge basePRION:CVE-2023-47126HistoryNov 14, 2023 - 8:15 p.m.
Design/Logic Flaw
2023-11-1420:15:00
PRIOn knowledge base
www.prio-n.com
4
typo3
php
gnu gpl
web content management
login screen
security vulnerability
upgrade
transient data directory
composer-based installations
TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions the login screen of the standalone install tool discloses the full path of the transient data directory (e.g. /var/www/html/var/transient/). This applies to composer-based scenarios only - βclassicβ non-composer installations are not affected. This issue has been addressed in version 12.4.8. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Related
osv
osv
Information Disclosure in typo3/cms-install tool
2023-11-14 20:34:26
CVE-2023-47126
2023-11-14 20:15:08
BIT-typo3-2023-47126
2024-03-06 11:07:42
veracode
veracode
Information Disclosure
2023-11-15 07:01:08
nessus
nessus
TYPO3 12.2.0 < 12.4.8 (TYPO3-CORE-SA-2023-005)
2023-11-14 00:00:00
cve
cve
CVE-2023-47126
2023-11-14 20:15:08
cvelist
cvelist
CVE-2023-47126 Information Disclosure in Install Tool in typo3/cms-install
2023-11-14 20:01:16
nvd
nvd
CVE-2023-47126
2023-11-14 20:15:08
github
github
Information Disclosure in typo3/cms-install tool
2023-11-14 20:34:26
freebsd
freebsd
typo3 -- Multiple vulnerabilities
2023-11-14 00:00:00