Описание
Information Disclosure in TYPO3 CMS
Failing to properly check user permission on file storages, editors could gain knowledge of protected storages and its folders as well as using them in a file collection being rendered in the frontend. A valid backend user account is needed to exploit this vulnerability.
Пакеты
Наименование
typo3/cms
composer
Затронутые версииВерсия исправления
>= 7.6.0, < 7.6.22
7.6.22
Наименование
typo3/cms
composer
Затронутые версииВерсия исправления
>= 8.0.0, < 8.7.5
8.7.5
4.3 Medium
CVSS3
4.3 Medium
CVSS3