4 matches found
TYPO3 Information Disclosure Vulnerability (TYPO3-CORE-SA-2021-012)
TYPO3 is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:typo3:typo3"; if...
CVE-2021-32767 Information Disclosure in User Authentication
TYPO3 is an open source PHP based web content management system. In versions 9.0.0 through 9.5.27, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0, user credentials may been logged as plain-text. This occurs when explicitly using log level debug, which is not the default configuration. TYPO3...
CVE-2021-32767
TYPO3 Information Disclosure (CVE-2021-32767) affects TYPO3 CMS versions 9.0.0–9.5.27, 10.0.0–10.4.17, and 11.0.0–11.3.0, where user credentials may be logged in plaintext when debug logging is explicitly enabled (not the default). A patch exists in TYPO3 9.5.28, 10.4.18, and 11.3.1. Connected ad...
Vulnerabilities fixed in Typo3
The developers of Typo3 have fixed vulnerabilities in Typo3 Core. The vulnerabilities allow a malicious party to perform Perform cross-site scripting XSS attacks. Such attacks can lead to the execution of arbitrary script code in the context of the victim's browser. In order to perform such an...