Description
The creating record functionality in Extension table administration library (feuser_adminLib.inc) in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, and 6.0.0 through 6.0.11 allows remote attackers to write to arbitrary fields in the configuration database table via crafted links, aka "Mass Assignment."
Remediation
References
Related Vulnerabilities
WordPress Plugin 10Web AI Assistant-AI content writing assistant Security Bypass (1.0.18)
MediaWiki Improper Input Validation Vulnerability (CVE-2017-8815)
WordPress Plugin MC4WP:Mailchimp for WordPress Cross-Site Scripting (4.0.10)
WordPress Plugin WP Mobile Detector Unspecified Vulnerability (2.1)