← volver
CVE-2011-3583

CVE-2011-3583

EPSS 1.4%
It was found that Typo3 Core versions 4.5.0 - 4.5.5 uses prepared statements that, if the parameter values are not properly replaced, could lead to a SQL Injection vulnerability. This issue can only be exploited if two or more parameters are bound to the query and at least two come from user input.
Productos afectados
TYPO3 Core · TYPO3 Core

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://access.redhat.com/security/cve/cve-2011-3583https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641682https://security-tracker.debian.org/tracker/CVE-2011-3583https://typo3.org/security/advisory/typo3-core-sa-2011-002/