VulnerableCode Vulnerability Details - VCID-b4du-skke-dqa8

Search for vulnerabilities

Vulnerability details: VCID-b4du-skke-dqa8

Essentials
Severities (7)
References (16)
Severity details (5)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-b4du-skke-dqa8
Aliases	CVE-2013-7081 GHSA-r674-mc9p-hvw5
Summary	TYPO3 Improper Access Control vulnerability The (old) Form Content Element component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated editors to generate arbitrary HMAC signatures and bypass intended access restrictions via unspecified vectors.
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (4)

CWE-284	Improper Access Control
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-264	Permissions, Privileges, and Access Controls
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
epss	0.00171	https://api.first.org/data/v1/epss?cve=CVE-2013-7081
epss	0.00171	https://api.first.org/data/v1/epss?cve=CVE-2013-7081
generic_textual	MODERATE	http://seclists.org/oss-sec/2013/q4/473
generic_textual	MODERATE	https://github.com/TYPO3-CMS/core
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2013-7081
generic_textual	MODERATE	http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004
generic_textual	MODERATE	http://www.debian.org/security/2014/dsa-2834

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2013-7081
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7073
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7074
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7075
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7076
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7078
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7079
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7080
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7081
		http://seclists.org/oss-sec/2013/q4/473
		https://github.com/TYPO3-CMS/core
		https://nvd.nist.gov/vuln/detail/CVE-2013-7081
		http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004
		http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/
		http://www.debian.org/security/2014/dsa-2834
GHSA-r674-mc9p-hvw5		https://github.com/advisories/GHSA-r674-mc9p-hvw5

No exploits are available.

Exploit Prediction Scoring System (EPSS)

Percentile	0.39159
EPSS Score	0.00171
Published At	June 30, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-01T12:26:04.480792+00:00	GithubOSV Importer	Import	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-r674-mc9p-hvw5/GHSA-r674-mc9p-hvw5.json	36.1.3