Vulnerability Database

290,020

Total vulnerabilities in the database

CVE-2014-3946

The query caching functionality in the Extbase Framework component in TYPO3 6.2.0 before 6.2.3 does not properly validate group permissions, which allows remote authenticated users to read arbitrary queries via unspecified vectors.

  • Published: Jun 3, 2014
  • Updated: Apr 13, 2023
  • CVE: CVE-2014-3946
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4
  • AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

Software From Fixed in
typo3 / typo3 6.2.1 6.2.1.x
typo3 / typo3 6.2.0-beta1 6.2.0-beta1.x
typo3 / typo3 6.2 6.2.x
typo3 / typo3 6.2.2 6.2.2.x
typo3 / typo3 6.2.0-beta3 6.2.0-beta3.x
typo3 / typo3 6.2.0-beta2 6.2.0-beta2.x