Description
The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 does not check permissions, which allows remote authenticated editors to read arbitrary TYPO3 table columns via unspecified parameters.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Easy Custom Js And Css Cross-Site Scripting (1.1.2)
WordPress Plugin WordPress Download Manager Cross-Site Scripting (2.9.51)
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2019-10097)
XWiki Other Vulnerability (CVE-2023-29507)
Oracle Database Server CVE-2011-0879 Vulnerability (CVE-2011-0879)