Search for packages
| purl | pkg:composer/typo3/cms@4.3.0-alpha |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-zzxz-2f13-qyhn
Aliases: TYPO3-CORE-SA-2016-013 |
Missing Access Check Extbase request handling fails to implement a proper access check for requested controller/ action combinations, which makes it possible for an attacker to execute arbitrary Extbase actions by crafting a special request. To successfully exploit this vulnerability, an attacker must have access to at least one Extbase plugin or module action in a TYPO3 installation. The missing access check inevitably leads to information disclosure or remote code execution, depending on the action that an attacker is able to execute. |
Affected by 33 other vulnerabilities.
This version is affected by these other vulnerabilities:
Affected by 70 other vulnerabilities.
This version is affected by these other vulnerabilities:
Affected by 112 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-07-01T18:10:13.078814+00:00 | GitLab Importer | Affected by | VCID-zzxz-2f13-qyhn | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/cms/TYPO3-CORE-SA-2016-013.yml | 36.1.3 |