Описание
TYPO3 Information Disclosure in Backend User Interface
The element information component used to display properties of a certain record is susceptible to information disclosure. The list of references from or to the record is not properly checked for the backend user’s permissions. A valid backend user account is needed in order to exploit this vulnerability.
Пакеты
Наименование
typo3/cms-core
composer
Затронутые версииВерсия исправления
>= 8.0.0, < 8.7.27
8.7.27
Наименование
typo3/cms-core
composer
Затронутые версииВерсия исправления
>= 9.0.0, < 9.5.8
9.5.8
5.4 Medium
CVSS3
Дефекты
CWE-862
5.4 Medium
CVSS3
Дефекты
CWE-862