Description

The configuration module in the backend in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to obtain the encryption key via unspecified vectors.

Remediation

References

CVE-2012-3529

Related Vulnerabilities

PHP Other Vulnerability (CVE-2007-4441)

Plone CMS Resource Management Errors Vulnerability (CVE-2012-5499)

WordPress Plugin oQey Gallery 'gal_id' Parameter SQL Injection (0.4.8)

MyBB URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-10678)

Microsoft SQL Server Other Vulnerability (CVE-2001-0344)

Severity

Low

Classification

CVE-2012-3529 CWE-200

Tags

Missing Update Known Vulnerabilities