Description
TYPO3 is an open source PHP based web content management system. In versions 9.0.0 through 9.5.27, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0, user credentials may been logged as plain-text. This occurs when explicitly using log level debug, which is not the default configuration. TYPO3 versions 9.5.28, 10.4.18, 11.3.1 contain a patch for this vulnerability.
Remediation
References
Related Vulnerabilities
MySQL CVE-2020-14576 Vulnerability (CVE-2020-14576)
WordPress Plugin Video Posts Webcam Recorder Cross-Site Scripting (1.55.4)
Oracle Application Server CVE-2007-5516 Vulnerability (CVE-2007-5516)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6100)
Oracle Database Server CVE-2007-5504 Vulnerability (CVE-2007-5504)