Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2019-12747)

Description

TYPO3 8.x through 8.7.26 and 9.x through 9.5.7 allows Deserialization of Untrusted Data.

Remediation

References

Related Vulnerabilities

WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.14)

WordPress Plugin WooCommerce Security Bypass (6.3.0)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4300)

WordPress Plugin 5gig Concerts Unspecified Vulnerability (1.0)

silverstripeCMS CVE-2019-12204 Vulnerability (CVE-2019-12204)

Severity

Critical

Classification

CVE-2019-12747 CWE-502 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities