Lucene search
K

8 matches found

OSV
OSV
added 2024/03/06 11:9 a.m.14 views

BIT-TYPO3-2022-23504

TYPO3 is an open source PHP based web content management system. Versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are subject to Sensitive Information Disclosure. Due to the lack of handling user-submitted YAML placeholder expressions in the site configuration backend module, attackers coul...

5.7CVSS5.5AI score0.00514EPSS
Exploits0References1
Prion
Prion
added 2022/12/14 8:15 a.m.16 views

Information disclosure

TYPO3 is an open source PHP based web content management system. Versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are subject to Sensitive Information Disclosure. Due to the lack of handling user-submitted YAML placeholder expressions in the site configuration backend module, attackers coul...

3.3CVSS5.3AI score0.00514EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/12/14 7:58 a.m.36 views

CVE-2022-23504 TYPO3 contains Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration

TYPO3 is an open source PHP based web content management system. Versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are subject to Sensitive Information Disclosure. Due to the lack of handling user-submitted YAML placeholder expressions in the site configuration backend module, attackers coul...

5.7CVSS6.2AI score0.00514EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/12/14 7:58 a.m.7 views

CVE-2022-23504 TYPO3 contains Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration

TYPO3 is an open source PHP based web content management system. Versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are subject to Sensitive Information Disclosure. Due to the lack of handling user-submitted YAML placeholder expressions in the site configuration backend module, attackers coul...

5.7CVSS6.9AI score0.00514EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/12/14 12:0 a.m.18 views

TYPO3 Sensitive Information Disclosure Vulnerability (TYPO3-CORE-SA-2022-016)

TYPO3 is prone to a sensitive information disclosure vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:typo3:typo3";...

5.7CVSS5.5AI score0.00514EPSS
Exploits0References2
OSV
OSV
added 2022/12/13 5:13 p.m.25 views

GHSA-8W3P-QH3X-6GJR TYPO3 CMS vulnerable to Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration

CVSS: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L/E:F/RL:O/RC:C 5.3 Problem Due to the lack of handling user-submitted YAML placeholder expressions in the site configuration backend module, attackers could expose sensitive internal information, such as system configuration or HTTP request messag...

5.7CVSS5.5AI score0.00514EPSS
Exploits0References7
Friends Of PHP
Friends Of PHP
added 2022/12/13 9:19 a.m.35 views

TYPO3-CORE-SA-2022-016: Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration

More info at https://typo3.org/security/advisory/typo3-core-sa-2022-016...

5.7CVSS7.2AI score0.00514EPSS
Exploits0Affected Software1
FreeBSD
FreeBSD
added 2022/12/13 12:0 a.m.32 views

typo3 -- multiple vulnerabilities

TYPO3 reports: TYPO3-CORE-SA-2022-012: Denial of Service in Page Error Handling. TYPO3-CORE-SA-2022-013: Weak Authentication in Frontend Login. TYPO3-CORE-SA-2022-014: Insufficient Session Expiration after Password Reset. TYPO3-CORE-SA-2022-015: Arbitrary Code Execution via Form Framework...

8.8CVSS1.6AI score0.00785EPSS
Exploits0References1
Rows per page
Query Builder