GHSA-cv9j-78f7-w6v9

Source

https://github.com/advisories/GHSA-cv9j-78f7-w6v9

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/07/GHSA-cv9j-78f7-w6v9/GHSA-cv9j-78f7-w6v9.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-cv9j-78f7-w6v9

Aliases

CVE-2020-25025

Published

2021-07-26T21:41:22Z

Modified

2023-11-08T04:03:09.299621Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

Incorrect Authorization in TYPO3 extension

Details

The l10nmgr (aka Localization Manager) extension before 7.4.0, 8.x before 8.7.0, and 9.x before 9.2.0 for TYPO3 allows Information Disclosure (translatable fields).

Database specific

{
    "nvd_published_at": "2020-09-02T17:15:00Z",
    "github_reviewed_at": "2021-07-26T18:51:12Z",
    "severity": "MODERATE",
    "github_reviewed": true,
    "cwe_ids": [
        "CWE-863"
    ]
}

References

Affected packages

Packagist / localizationteam/l10nmgr

Package

Name: localizationteam/l10nmgr
Purl: pkg:composer/localizationteam/l10nmgr

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.4.0

Affected versions

5.*

5.1.1

5.2.0

7.*

7.0.1

7.1.0

7.1.1

7.1.2

7.1.3

7.1.4

7.1.5

7.2.0

7.3.0

7.3.1

7.3.2

7.3.3

Packagist / localizationteam/l10nmgr

Package

Name: localizationteam/l10nmgr
Purl: pkg:composer/localizationteam/l10nmgr

Affected ranges

Type: ECOSYSTEM
Events: Introduced

8.0.0

Fixed

8.7.0

Affected versions

8.*

8.0.0

8.1.1

8.1.2

8.2.0

8.2.1

8.4.0

8.5.0

8.6.0

Packagist / localizationteam/l10nmgr

Package

Name: localizationteam/l10nmgr
Purl: pkg:composer/localizationteam/l10nmgr

Affected ranges

Type: ECOSYSTEM
Events: Introduced

9.0.0

Fixed

9.2.0

Affected versions

9.*

9.0.0

9.0.1

9.1.0