Name of the Vulnerable Software and Affected Versions TYPO3 (affected versions not specified)

Description The issue concerns TYPO3's built-in record registration functionality, also known as the "basic shopping cart", which is vulnerable to denial of service when using recs URL parameters. This is due to the failure to properly validate anonymous user sessions, allowing attackers to create an arbitrary number of individual session-data records in the database.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.