Lucene search
PRIOn knowledge basePRION:CVE-2013-7073HistoryDec 23, 2013 - 11:55 p.m.
Code injection
2013-12-2323:55:00
PRIOn knowledge base
www.prio-n.com
8
The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 does not check permissions, which allows remote authenticated editors to read arbitrary TYPO3 table columns via unspecified parameters.
References
lists.opensuse.org/opensuse-security-announce/2016-08/msg00028.html
lists.opensuse.org/opensuse-updates/2016-08/msg00083.html
lists.opensuse.org/opensuse-updates/2016-08/msg00106.html
seclists.org/oss-sec/2013/q4/473
seclists.org/oss-sec/2013/q4/487
typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/
www.debian.org/security/2014/dsa-2834
Related
cve
cve
CVE-2013-7073
2013-12-23 23:55:04
ubuntucve
ubuntucve
CVE-2013-7073
2013-12-23 00:00:00
cvelist
cvelist
CVE-2013-7073
2013-12-23 23:00:00
nvd
nvd
CVE-2013-7073
2013-12-23 23:55:04
osv
osv
github
github
openvas
openvas
openSUSE: Security Advisory for Typo3 (openSUSE-SU-2016:2025-1)
2016-08-11 00:00:00
TYPO3 Multiple Vulnerabilities (Dec 2013)
2014-01-06 00:00:00
Debian Security Advisory DSA 2834-1 (typo3-src - several vulnerabilities)
2014-01-01 00:00:00
nessus
nessus
openSUSE Security Update : typo3 (openSUSE-2016-959)
2016-08-12 00:00:00
openSUSE Security Update : typo3-cms-4_5 (openSUSE-2016-1022)
2016-08-30 00:00:00
openSUSE Security Update : typo3-cms-4_7 (openSUSE-2016-1002)
2016-08-22 00:00:00
suse
suse
Important security fixes for Typo3 (important)
2016-08-10 22:09:17
debian
debian
[SECURITY] [DSA 2834-1] typo3-src security update
2014-01-01 16:19:19
[SECURITY] [DSA 2834-1] typo3-src security update
2014-01-01 16:19:19
securityvulns
securityvulns
[SECURITY] [DSA 2834-1] typo3-src security update
2014-01-09 00:00:00
typo3
typo3
Multiple Vulnerabilities in TYPO3 CMS
2013-12-10 00:00:00