Description
The System extension Install tool in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 creates the encryption key with an insufficiently random seed, which makes it easier for attackers to crack the key.
Remediation
References
Related Vulnerabilities
WordPress Plugin WPBakery Page Builder Clipboard Security Bypass (4.5.7)
OpenSSL Use After Free Vulnerability (CVE-2023-0215)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4593)
WordPress Plugin Doctor Appointment Booking Multiple Vulnerabilities (1.0.0)
Atlassian Confluence CVE-2020-29448 Vulnerability (CVE-2020-29448)