← volver
CVE-2013-7073

CVE-2013-7073

EPSS 1.3%
The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 does not check permissions, which allows remote authenticated editors to read arbitrary TYPO3 table columns via unspecified parameters.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00028.htmlhttp://lists.opensuse.org/opensuse-updates/2016-08/msg00083.htmlhttp://lists.opensuse.org/opensuse-updates/2016-08/msg00106.htmlhttp://seclists.org/oss-sec/2013/q4/473http://seclists.org/oss-sec/2013/q4/487http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/http://www.debian.org/security/2014/dsa-2834