3 matches found
CVE-2017-6370
TYPO3 7.6.15 sends an http request to an index.php?loginProvider URI in cases with an https Referer, which allows remote attackers to obtain sensitive cleartext information by sniffing the network and reading the userident and username fields...
CVE-2017-6370
CVE-2017-6370 affects TYPO3 7.6.15. A vulnerability causes the client to send a login-related HTTP request to index.php?loginProvider when there is an https Referer, which can allow remote attackers to read sensitive fields (userident and username) in cleartext over the network. The available con...
CVE-2017-6370
TYPO3 7.6.15 sends an http request to an index.php?loginProvider URI in cases with an https Referer, which allows remote attackers to obtain sensitive cleartext information by sniffing the network and reading the userident and username fields...