Description
The frontend rendering component in TYPO3 4.5.x before 4.5.39, 4.6.x through 6.2.x before 6.2.9, and 7.x before 7.0.2, when config.prefixLocalAnchors is set to all or cached, allows remote attackers to have an unspecified impact (possibly resource consumption) via a "Cache Poisoning" attack using a URL with arbitrary arguments, which triggers a reload of the page.
Remediation
References
Related Vulnerabilities
WordPress Plugin Pinterest 'Pin It' Button Multiple Unspecified Vulnerabilities (1.3.1)
WordPress Plugin MailPoet Newsletters (Previous) SQL Injection (2.2)
WordPress Plugin BuddyPress 'page' Parameter SQL Injection (1.5.4)
WordPress Plugin WP-FaceThumb Cross-Site Scripting (1.0)
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (5.4.17)