Description
The rsaauth extension in TYPO3 4.3.0 through 4.3.14, 4.4.0 through 4.4.15, 4.5.0 through 4.5.39, and 4.6.0 through 4.6.18, when configured for the frontend, allows remote attackers to bypass authentication via a password that is casted to an empty value.
Remediation
References
Related Vulnerabilities
WebLogic CVE-2020-2549 Vulnerability (CVE-2020-2549)
WordPress Plugin eCommerce Product Catalog for WordPress Cross-Site Request Forgery (2.9.43)
Oracle Application Server CVE-2009-0989 Vulnerability (CVE-2009-0989)
Dotclear Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3232)
WordPress Plugin WP Legal Pages Cross-Site Scripting (1.0.1)