Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:38488
HistoryDec 15, 2022 - 5:01 a.m.

Authentication Bypass

2022-12-1505:01:04
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
typo3
authentication
bypass
vulnerability
software
frontend
login

0.001 Low

EPSS

Percentile

28.2%

typo3/cms and typo3/cms-core are vulnerable to authentication bypass. Restricting frontend login to specific users are organized in different storage folders (partitions), and can be bypassed, which allows an authenticated attacker to gain access to a different account when credentials are known.