Description
The web application is based on Typo3 CMS. Typo3 Admin interface is publicly accessible.
Remediation
Restrict access to Typo3 Admin.
References
Related Vulnerabilities
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-7833)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1000169)
Unrestricted access to AnythingLLM API
WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Information Disclosure (1.8.11)