CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:S/C:P/I:P/A:P
EPSS
Percentile
68.1%
view_help.php in the backend help system in TYPO3 4.5.x before 4.5.19,
4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated
backend users to unserialize arbitrary objects and possibly execute
arbitrary PHP code via an unspecified parameter, related to a “missing
signature (HMAC).”