Описание
Frontend User Registration extension for TYPO3 does not properly verify access rights
Frontend User Registration (sr_feuser_register) extension 2.5.20 and earlier for TYPO3 does not properly verify access rights, which allows remote authenticated users to obtain sensitive information such as passwords via unknown attack vectors.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2009-1264
- https://web.archive.org/web/20090527190538/http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-004
- https://web.archive.org/web/20200228205603/http://www.securityfocus.com/bid/34374
- http://typo3.org/extensions/repository/view/sr_feuser_register/2.5.21
Пакеты
Наименование
sjbr/sr-feuser-register
composer
Затронутые версииВерсия исправления
< 2.5.21
2.5.21
Связанные уязвимости
nvd
почти 17 лет назад
Frontend User Registration (sr_feuser_register) extension 2.5.20 and earlier for TYPO3 does not properly verify access rights, which allows remote authenticated users to obtain sensitive information such as passwords via unknown attack vectors.