Lucene search
K

6 matches found

Circl
Circl
added 2022/12/14 12:27 p.m.6 views

CVE-2022-23504

creationtimestamp| type| source ---|---|--- 2022-12-14 12:27:24+00:00| seen| https://t.me/cibsecurity/54498 2025-04-21 20:03:22+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12750...

5.7CVSS6AI score0.00514EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/12/14 7:58 a.m.36 views

CVE-2022-23504 TYPO3 contains Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration

TYPO3 is an open source PHP based web content management system. Versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are subject to Sensitive Information Disclosure. Due to the lack of handling user-submitted YAML placeholder expressions in the site configuration backend module, attackers coul...

5.7CVSS6.2AI score0.00514EPSS
Exploits0References1
CVE
CVE
added 2022/12/14 7:58 a.m.90 views

CVE-2022-23504

TYPO3 contains a Sensitive Information Disclosure vulnerability (CVE-2022-23504) caused by improper handling of user-submitted YAML placeholder expressions in the site configuration backend module. The issue allows exposure of internal data (e.g., system configuration and HTTP request messages of...

5.7CVSS5.6AI score0.00514EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/12/14 7:58 a.m.7 views

CVE-2022-23504 TYPO3 contains Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration

TYPO3 is an open source PHP based web content management system. Versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are subject to Sensitive Information Disclosure. Due to the lack of handling user-submitted YAML placeholder expressions in the site configuration backend module, attackers coul...

5.7CVSS6.9AI score0.00514EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/12/14 12:0 a.m.18 views

TYPO3 Sensitive Information Disclosure Vulnerability (TYPO3-CORE-SA-2022-016)

TYPO3 is prone to a sensitive information disclosure vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:typo3:typo3";...

5.7CVSS5.5AI score0.00514EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/12/13 12:0 a.m.23 views

TYPO3 9.0.0 < 9.5.38 ELTS / 10.0.0 < 10.4.33 / 11.0.0 < 11.5.20 / 12.0.0 < 12.1.1 (TYPO3-CORE-SA-2022-016)

The version of TYPO3 installed on the remote host is prior to 9.0.0 9.5.38 ELTS / 10.0.0 10.4.33 / 11.0.0 11.5.20 / 12.0.0 12.1.1. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2022-016 advisory. - Due to the lack of handling user-submitted YAML placeholder...

5.7CVSS5.5AI score0.00514EPSS
Exploits0References2
Rows per page
Query Builder