TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to bypass authentication mechanisms in the backend through a crafted request.
[
{
"product": "TYPO3",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "before 4.5.4"
}
]
}
]