WEB APPLICATION VULNERABILITIES Standard & Premium

TYPO3 Improper Authentication Vulnerability (CVE-2015-2047)

Description

The rsaauth extension in TYPO3 4.3.0 through 4.3.14, 4.4.0 through 4.4.15, 4.5.0 through 4.5.39, and 4.6.0 through 4.6.18, when configured for the frontend, allows remote attackers to bypass authentication via a password that is casted to an empty value.

Remediation

References

Related Vulnerabilities

WebLogic CVE-2020-2549 Vulnerability (CVE-2020-2549)

WordPress Plugin eCommerce Product Catalog for WordPress Cross-Site Request Forgery (2.9.43)

Oracle Application Server CVE-2009-0989 Vulnerability (CVE-2009-0989)

Dotclear Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3232)

WordPress Plugin WP Legal Pages Cross-Site Scripting (1.0.1)

Severity

Low

Classification

CVE-2015-2047 CWE-287

Tags

Missing Update Known Vulnerabilities