typo3/cms-core is vulnerable to information disclosure. An insecure internal verification mechanism can be used to generate arbitrary checksums and allows an attacker to inject arbitrary data having a valid cryptographic message authentication code (HMAC-SHA1), resulting in disclosure of confidential information.
CPE | Name | Operator | Version |
---|---|---|---|
typo3/cms-core | le | 10.4.5 | |
typo3/cms-core | le | 9.5.19 | |
typo3/cms-core | le | 10.4.5 | |
typo3/cms-core | le | 9.5.19 |