Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2009-3630

Опубликовано: 02 нояб. 2009
Источник: nvd
CVSS2: 5.5
EPSS Низкий

Описание

The Backend subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote authenticated users to place arbitrary web sites in TYPO3 backend framesets via crafted parameters, related to a "frame hijacking" issue.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*
Версия до 4.0.12 (включая)
cpe:2.3:a:typo3:typo3:0.1.2:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:1.0.14:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:1.1:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:1.1.09:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:1.1.10:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:3.0:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:3.3.x:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:3.5:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:3.5.x:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:3.6.x:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:3.7.0:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:3.7.1:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:3.7.x:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:3.8:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:3.8.x:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.0.8:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.0.9:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.0.10:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.0.11:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.0:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.0:beta1:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.8:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.9:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.10:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.11:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.1.12:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.2.4:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.2.5:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.2.6:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.2.7:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.2.8:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.2.9:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.3:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:4.3:alpha1:*:*:*:*:*:*

EPSS

Процентиль: 76%
0.00949
Низкий

5.5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

ubuntu логотип

CVE-2009-3630

ubuntu
около 16 лет назад

The Backend subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote authenticated users to place arbitrary web sites in TYPO3 backend framesets via crafted parameters, related to a "frame hijacking" issue.

debian логотип

CVE-2009-3630

debian
около 16 лет назад

The Backend subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1 ...

github логотип

GHSA-mg66-3x8x-r8g2

github
больше 3 лет назад

TYPO3 Backend vulnerable to Frame Hijacking

EPSS

Процентиль: 76%
0.00949
Низкий

5.5 Medium

CVSS2

Дефекты

NVD-CWE-Other