Description
The Authentication component in TYPO3 6.2.0 before 6.2.3 does not properly invalidate timed out user sessions, which allows remote attackers to bypass authentication via unspecified vectors.
Remediation
References
Related Vulnerabilities
Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-5491)
WebLogic Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1324)
Internet Information Services Other Vulnerability (CVE-2002-1695)