Описание
An issue was discovered in the view_statistics (aka View frontend statistics) extension before 2.0.1 for TYPO3. It saves all GET and POST data of TYPO3 frontend requests to the database. Depending on the extensions used on a TYPO3 website, sensitive data (e.g., cleartext passwords if ext:felogin is installed) may be saved.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.0.1 (исключая)
cpe:2.3:a:view_frontend_statistics_project:view_frontend_statistics:*:*:*:*:*:typo3:*:*
EPSS
Процентиль: 36%
0.00153
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-312
Связанные уязвимости
github
больше 3 лет назад
An issue was discovered in the view_statistics (aka View frontend statistics) extension before 2.0.1 for TYPO3. It saves all GET and POST data of TYPO3 frontend requests to the database. Depending on the extensions used on a TYPO3 website, sensitive data (e.g., cleartext passwords if ext:felogin is installed) may be saved.
EPSS
Процентиль: 36%
0.00153
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-312