2 matches found
openSUSE Security Update : typo3-cms-4_5 (openSUSE-2016-1022)
This update for typo3-cms-45 fixes the following issues : - CVE-2015-2047: Authentication Bypass TYPO3-CORE-SA-2015-001 - CVE-2014-9508: Link spoofing and cache poisoning TYPO3-CORE-SA-2014-003 - TYPO3-CORE-SA-2014-002: Multiple Vulnerabilities - CVE-2013-7073: Multiple vulnerabilities...
CVE-2014-9508
TYPO3 Open Redirect/Link Spoofing vulnerability CVE-2014-9508 affects the frontend rendering component. Affected: TYPO3 4.5.x before 4.5.39, 4.6.x–6.2.x before 6.2.9, and 7.x before 7.0.2. Condition: config.prefixLocalAnchors enabled with an anchor-only homepage; attacker can modify anchor-only l...