PT-2010-5630 · Typo3 · Typo3

Gregor Kopf

Published: 1970-01-01

Updated: 2010-10-27

CVE-2010-3716

CVSS v2.0: 7.1 (High)

Vector: AV:N/AC:M/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions

TYPO3 versions 4.2.x through 4.2.14
TYPO3 versions 4.3.x through 4.3.6

Description

The issue allows remote authenticated users to gain privileges via a crafted POST request that creates a user account with arbitrary group memberships. Multiple vulnerabilities in the TYPO3 package may lead to a breach of protected information, and exploitation can be done remotely.

Recommendations

For TYPO3 versions 4.2.x through 4.2.14, update to version 4.2.15 or later.
For TYPO3 versions 4.3.x through 4.3.6, update to version 4.3.7 or later.

Fix

RCE

Weakness Enumeration

Related Identifiers

BDU:2015-01425
BDU:2015-02085
CVE-2010-3716
DSA-2121-1

Affected Products

Typo3