Description
The (old) Form Content Element component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated editors to generate arbitrary HMAC signatures and bypass intended access restrictions via unspecified vectors.
Remediation
References
Related Vulnerabilities
MySQL CVE-2022-21288 Vulnerability (CVE-2022-21288)
WordPress Plugin WooCommerce Cross-Site Scripting (5.1.0)
Drupal Core 6.x Cross-Site Scripting (6.0 - 6.11)
Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2022-34253)
Jenkins Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2017-2612)