5.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
0.002 Low
EPSS
Percentile
50.9%
The Backend subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13,
4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote authenticated
users to place arbitrary web sites in TYPO3 backend framesets via crafted
parameters, related to a “frame hijacking” issue.