Description

TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allows remote attackers to have unspecified impact via a crafted HTTP Host header, related to "Host Spoofing."

Remediation

References

CVE-2014-3941

Related Vulnerabilities

WordPress Plugin Site Offline Or Coming Soon Or Maintenance Mode Security Bypass (1.5.2)

WordPress Plugin Loco Translate Local File Inclusion (2.2.1)

WordPress Plugin YOP Poll Cross-Site Scripting (6.0.2)

WordPress Plugin wpForo Forum Open Redirect (1.9.6)

Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16687)

Severity

Medium

Classification

CVE-2014-3941 CWE-20

Tags

Missing Update Known Vulnerabilities