5 matches found
BIT-TYPO3-2022-23500
TYPO3 is an open source PHP based web content management system. In versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1, requesting invalid or non-existing resources via HTTP triggers the page error handler, which again could retrieve content to be shown as an error message from another page...
CVE-2022-23500
TYPO3 is an open source PHP based web content management system. In versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1, requesting invalid or non-existing resources via HTTP triggers the page error handler, which again could retrieve content to be shown as an error message from another page...
TYPO3 9.0.0 < 9.5.38 ELTS / 10.0.0 < 10.4.33 / 11.0.0 < 11.5.20 (TYPO3-CORE-SA-2022-012)
The version of TYPO3 installed on the remote host is prior to 9.0.0 9.5.38 ELTS / 10.0.0 10.4.33 / 11.0.0 11.5.20. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2022-012 advisory. - Requesting invalid or non-existing resources via HTTP triggers the page error...
GHSA-4P9G-QGX9-397P Denial of Service in Page Error Handling
Meta CVSS: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C 5.5 CWE-405, CWE-674 Status: DRAFT Problem Requesting invalid or non-existing resources via HTTP triggers the page error handler which again could retrieve content to be shown as error message from another page. This leads to a...
Denial of Service in Page Error Handling
Requesting invalid or non-existing resources via HTTP triggers the page error handler which again could retrieve content to be shown as an error message from another page. This leads to a scenario in which the application is calling itself recursively - amplifying the impact of the initial attack...