Extbase in TYPO3 4.3.0 before 6.2.24, 7.x before 7.6.8, and 8.1.1 allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted Extbase action.
References
Link | Resource |
---|---|
https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-013/ | Vendor Advisory Patch |
http://www.openwall.com/lists/oss-security/2016/05/26/2 | Mailing List Third Party Advisory |
http://www.openwall.com/lists/oss-security/2016/05/25/4 | Mailing List Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2017-01-23 13:59
Updated : 2017-01-26 08:39
NVD link : CVE-2016-5091
Mitre link : CVE-2016-5091
JSON object : View
CWE
CWE-254
7PK - Security Features
Products Affected
typo3
- typo3