7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
28.0%
DISPUTED SQL injection vulnerability in index.php in TYPO3 4.0
allows remote attackers to execute arbitrary SQL commands via the showUid
parameter. NOTE: the TYPO3 Security Team disputes this report, stating that
“there is no such vulnerability… The showUid parameter is generally used
in third-party TYPO3 extensions - not in TYPO3 Core.”
Author | Note |
---|---|
debian | Bogus issue claimed for typo3 |