FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
3caf4e6c-4cef-11e6-a15f-00248c0c745dtypo3 -- Missing access check in Extbase

TYPO3 reports:

Extbase request handling fails to implement a proper access check for requested controller/ action combinations, which makes it possible for an attacker to execute arbitrary Extbase actions by crafting a special request. To successfully exploit this vulnerability, an attacker must have access to at least one Extbase plugin or module action in a TYPO3 installation. The missing access check inevitably leads to information disclosure or remote code execution, depending on the action that an attacker is able to execute.


Discovery 2016-05-24
Entry 2016-07-18
typo3
< 7.6.8

typo3-lts
< 6.2.24

CVE-2016-5091
https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-013/
https://wiki.typo3.org/TYPO3_CMS_7.6.8
https://wiki.typo3.org/TYPO3_CMS_6.2.24