GHSA-r674-mc9p-hvw5
Suggest an improvement- Source
- https://github.com/advisories/GHSA-r674-mc9p-hvw5
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-r674-mc9p-hvw5/GHSA-r674-mc9p-hvw5.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-r674-mc9p-hvw5
- Aliases
-
- CVE-2013-7081
- Published
- 2022-05-17T04:54:37Z
- Modified
- 2023-11-08T03:57:27.890309Z
- Summary
- TYPO3 Improper Access Control vulnerability
- Details
-
The (old) Form Content Element component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated editors to generate arbitrary HMAC signatures and bypass intended access restrictions via unspecified vectors.
- Database specific
{ "nvd_published_at": "2013-12-23T23:55:00Z", "cwe_ids": [ "CWE-284" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2023-08-29T19:02:10Z" }- References
Affected packages
Packagist / typo3/cms-core
Package
- Name
- typo3/cms-core
- Purl
- pkg:composer/typo3/cms-core
Packagist / typo3/cms-core
Package
- Name
- typo3/cms-core
- Purl
- pkg:composer/typo3/cms-core
Packagist / typo3/cms-core
Package
- Name
- typo3/cms-core
- Purl
- pkg:composer/typo3/cms-core
Packagist / typo3/cms-core
Package
- Name
- typo3/cms-core
- Purl
- pkg:composer/typo3/cms-core