Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2019-12747)

Description

TYPO3 8.x through 8.7.26 and 9.x through 9.5.7 allows Deserialization of Untrusted Data.

Remediation

References

Related Vulnerabilities

WordPress Plugin SS Downloads Cross-Site Request Forgery and Information Disclosure Vulnerabilities (1.4.3)

Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2011-0419)

WordPress Incorrect Default Permissions Vulnerability (CVE-2011-1762)

Microsoft SQL Server Remote Code Execution Vulnerability (CVE-2019-1068)

WordPress Plugin Gallery-Responsive Photo and Video Gallery by Limb Cross-Site Scripting (1.3.2)

Severity

Critical

Classification

CVE-2019-12747 CWE-502 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities