The Backend subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote authenticated users to determine an encryption key via crafted input to a tt_content form element.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2009-11-02 15:30
Updated : 2024-02-28 11:21
NVD link : CVE-2009-3628
Mitre link : CVE-2009-3628
CVE.ORG link : CVE-2009-3628
JSON object : View
Products Affected
typo3
- typo3
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor