CVE-2013-7080

Name of the Vulnerable Software and Affected Versions TYPO3 versions 4.5.0 through 4.5.31 TYPO3 versions 4.7.0 through 4.7.16 TYPO3 versions 6.0.0 through 6.0.11

Description The issue in the creating record functionality of the Extension table administration library allows remote attackers to write to arbitrary fields in the configuration database table via crafted links. This is related to a "Mass Assignment" issue.

Recommendations For versions 4.5.0 through 4.5.31, update to a version outside of this range to resolve the issue. For versions 4.7.0 through 4.7.16, update to a version outside of this range to resolve the issue. For versions 6.0.0 through 6.0.11, update to a version outside of this range to resolve the issue.