Vulnerability Database
296,172
Total vulnerabilities in the database
TYPO3 may allow editors to change, create, or delete metadata of files not within their file mounts
It has been discovered, that editors with access to file meta data table could change, create or delete metadata of files which are not within their file mounts.
| Software | From | Fixed in |
|---|---|---|
typo3 / cms
|
6.2.0 | 6.2.14 |
|
typo3 / cms
|
7.0.0 | 7.3.1 |
- https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2015-07-01-1.yaml
- https://github.com/TYPO3/typo3/commit/0decbf83c531cab77497429eb2edecf9a1038b25
- https://github.com/TYPO3/typo3/commit/bff9fa5945801d1d2c641ddc8eb86c6647549d80
- https://typo3.org/security/advisory/typo3-core-sa-2015-002
- https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-002