Description
TYPO3 before 4.4.9 and 4.5.x before 4.5.4 does not apply proper access control on ExtDirect calls which allows remote attackers to retrieve ExtDirect endpoint services.
Remediation
References
Related Vulnerabilities
WordPress Plugin Featured Video Plus Unspecified Vulnerability (2.2.3)
WordPress Plugin WP Reactions Lite Cross-Site Scripting (1.3.5)
WordPress Other Vulnerability (CVE-2005-1688)
WordPress Plugin WordPress Ad Widget Local File Inclusion (2.11.0)
WordPress Plugin Gallery Master-Responsive Photo Galleries & Albums Cross-Site Scripting (1.0.22)