WEB APPLICATION VULNERABILITIES Standard & Premium

TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7081)

Description

The (old) Form Content Element component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated editors to generate arbitrary HMAC signatures and bypass intended access restrictions via unspecified vectors.

Remediation

References

Related Vulnerabilities

Apache Tomcat version older than 7.0.23

Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-3220)

XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-36095)

PHP Other Vulnerability (CVE-2002-0253)

WordPress Plugin Revive Old Post-Auto Post to Social Media 'cat' Parameter SQL Injection (3.2.5)

Severity

Medium

Classification

CVE-2013-7081 CWE-264

Tags

Missing Update Known Vulnerabilities