Total vulnerabilities in the database
The be_user_creation task in TYPO3 4.2.x before 4.2.15 and 4.3.x before 4.3.7 allows remote authenticated users to gain privileges via a crafted POST request that creates a user account with arbitrary group memberships.
| Software | From | Fixed in |
|---|---|---|
| typo3 / typo3 | 4.2.10 | 4.2.10.x |
| typo3 / typo3 | 4.3.6 | 4.3.6.x |
| typo3 / typo3 | 4.2.14 | 4.2.14.x |
| typo3 / typo3 | 4.3.5 | 4.3.5.x |
| typo3 / typo3 | 4.2.4 | 4.2.4.x |
| typo3 / typo3 | 4.2.5 | 4.2.5.x |
| typo3 / typo3 | 4.2.11 | 4.2.11.x |
| typo3 / typo3 | 4.2.0 | 4.2.0.x |
| typo3 / typo3 | 4.2.8 | 4.2.8.x |
| typo3 / typo3 | 4.2.13 | 4.2.13.x |
| typo3 / typo3 | 4.2.3 | 4.2.3.x |
| typo3 / typo3 | 4.2.1 | 4.2.1.x |
| typo3 / typo3 | 4.3.2 | 4.3.2.x |
| typo3 / typo3 | 4.2.12 | 4.2.12.x |
| typo3 / typo3 | 4.2.6 | 4.2.6.x |
| typo3 / typo3 | 4.3.0 | 4.3.0.x |
| typo3 / typo3 | 4.2.2 | 4.2.2.x |
| typo3 / typo3 | 4.3.3 | 4.3.3.x |
| typo3 / typo3 | 4.3.4 | 4.3.4.x |
| typo3 / typo3 | 4.3.1 | 4.3.1.x |
| typo3 / typo3 | 4.2.7 | 4.2.7.x |
| typo3 / typo3 | 4.2.9 | 4.2.9.x |