Описание
Frontend User Registration (sr_feuser_register) extension 2.5.20 and earlier for TYPO3 does not properly verify access rights, which allows remote authenticated users to obtain sensitive information such as passwords via unknown attack vectors.
Ссылки
- Vendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- Patch
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- Patch
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.5.20 (включая)
Одновременно
cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:a:stanislas_rolland:sr_feuser_register:*:*:*:*:*:*:*:*
cpe:2.3:a:stanislas_rolland:sr_feuser_register:1.4:*:*:*:*:*:*:*
cpe:2.3:a:stanislas_rolland:sr_feuser_register:1.6:*:*:*:*:*:*:*
cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.2.7:*:*:*:*:*:*:*
cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.2.8:*:*:*:*:*:*:*
cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.3:*:*:*:*:*:*:*
cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.3.6:*:*:*:*:*:*:*
cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.4:*:*:*:*:*:*:*
cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.5:*:*:*:*:*:*:*
cpe:2.3:a:stanislas_rolland:sr_feuser_register:2.5.10:*:*:*:*:*:*:*
EPSS
Процентиль: 58%
0.00364
Низкий
4 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
Frontend User Registration extension for TYPO3 does not properly verify access rights
EPSS
Процентиль: 58%
0.00364
Низкий
4 Medium
CVSS2
Дефекты
CWE-264