TYPO3 prior to 4.4.9 and 4.5.x prior to 4.5.4 does not apply proper access control on ExtDirect calls which allows remote malicious users to retrieve ExtDirect endpoint services.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
typo3 typo3 |