Description
The configuration module in the backend in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to obtain the encryption key via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin Events Shortcodes For The Events Calendar Security Bypass (1.9.4)
WordPress Plugin BackupBuddy Information Disclosure (2.2.28)
WordPress Plugin RSVPMaker SQL Injection (5.6.3)
WordPress Plugin Drop Shadow Boxes Security Bypass (1.7.1)
WordPress Plugin WooCommerce Arbitrary File Deletion (3.4.5)