Description

Extbase in TYPO3 4.3.0 before 6.2.24, 7.x before 7.6.8, and 8.1.1 allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted Extbase action.

Remediation

References

CVE-2016-5091

Related Vulnerabilities

WordPress Plugin RegistrationMagic-Custom Registration Forms, User Registration, Payment, and User Login SQL Injection (5.0.2.1)

WordPress Plugin UserPro-Community and User Profile Privilege Escalation (4.9.27)

MySQL CVE-2022-21288 Vulnerability (CVE-2022-21288)

WordPress Plugin AddToAny Share Buttons Cross-Site Scripting (1.6.6)

Lighttpd Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-4359)

Severity

High

Classification

CVE-2016-5091 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities