Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:47689
HistoryJun 21, 2024 - 8:01 a.m.

Information Disclosure

2024-06-2108:01:07
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
1
typo3
cms
information disclosure
improper permission checks
editors
protected storages
folders
attackers
valid backend user account
frontend collection

7.2 High

AI Score

Confidence

High

JSON

typo3/cms is vulnerable to Information Disclosure. The vulnerability is due to improper permission checks, allowing editors to gain knowledge of protected storages and their folders. Attackers can exploit this by using a valid backend user account to include protected files in a collection rendered on the frontend.

7.2 High

AI Score

Confidence

High

JSON