PT-2011-3322 · Typo3 · Typo3 Wec Discussion Forum

Matthias Hunstock

Publicado

2011-04-19

Atualizado

2017-08-17

CVE-2011-1722

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions TYPO3 WEC Discussion Forum (wec discussion) extension versions 2.1.0 and earlier

Description The issue allows remote attackers to execute arbitrary SQL commands, which has been exploited in the wild.

Recommendations For versions 2.1.0 and earlier, update to a version later than 2.1.0 to resolve the issue.

Correção

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2011-1722

Typo3 Wec Discussion Forum