Information Disclosure in TYPO3 CMS

2024-06-0515:11:36

GitHub Advisory Database

github.com

information disclosure

typo3

api

security vulnerability

AI Score

7.1

Confidence

Low

HTTP requests being performed using the TYPO3 API expose the specific TYPO3 version to the called endpoint.

Affected configurations

Vulners

Node

typo3typo3_cmsRange8.0.0–8.7.5

typo3typo3_cmsRange7.6.0–7.6.22

VendorProductVersionCPE
typo3typo3_cms*cpe:2.3:a:typo3:typo3_cms:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
typo3	typo3_cms	*	cpe:2.3:a:typo3:typo3_cms::::::::

github.com/advisories/GHSA-c7p6-3c9c-f88q

github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2017-09-05-3.yaml

typo3.org/security/advisory/typo3-core-sa-2017-006

AI Score

7.1

Confidence

Low