The frontend rendering component in TYPO3 4.5.x before 4.5.39, 4.6.x through 6.2.x before 6.2.9, and 7.x before 7.0.2, when config.prefixLocalAnchors is set to all or cached, allows remote attackers to have an unspecified impact (possibly resource consumption) via a "Cache Poisoning" attack using a URL with arbitrary arguments, which triggers a reload of the page.
References
Link | Resource |
---|---|
http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/ | Exploit Vendor Advisory |
http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/ | Exploit Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:21
Type | Values Removed | Values Added |
---|---|---|
References | () http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/ - Exploit, Vendor Advisory |
Information
Published : 2015-01-04 21:59
Updated : 2024-11-21 02:21
NVD link : CVE-2014-9509
Mitre link : CVE-2014-9509
CVE.ORG link : CVE-2014-9509
JSON object : View
Products Affected
typo3
- typo3
CWE
CWE-20
Improper Input Validation