2 matches found
Information Disclosure
typo3 is vulnerable to information disclosure. The vulnerability exists because the library does not properly handle user-submitted YAML placeholder expressions in the site configuration backend module which allows an attacker to access sensitive information of the system...
Information disclosure
TYPO3 is an open source PHP based web content management system. Versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are subject to Sensitive Information Disclosure. Due to the lack of handling user-submitted YAML placeholder expressions in the site configuration backend module, attackers coul...