← voltar
CVE-2011-3583

CVE-2011-3583

EPSS 1.4%
It was found that Typo3 Core versions 4.5.0 - 4.5.5 uses prepared statements that, if the parameter values are not properly replaced, could lead to a SQL Injection vulnerability. This issue can only be exploited if two or more parameters are bound to the query and at least two come from user input.
Produtos afetados
TYPO3 Core · TYPO3 Core

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://access.redhat.com/security/cve/cve-2011-3583https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641682https://security-tracker.debian.org/tracker/CVE-2011-3583https://typo3.org/security/advisory/typo3-core-sa-2011-002/