icon

We found results for “

WS-2018-0049

Good to know:

icon

Date: November 22, 2016

Insecure Unserialize vulnerability in TYPO3 6.2.0 before 6.2.29, 7.6.0 before 7.6.13 and 8.0.0 before 8.4.1. Failing to properly validate incoming data, the suggest wizard is susceptible to insecure unserialize. To exploit this vulnerability a valid backend user account is needed.

Language: PHP

Severity Score

Severity Score

Weakness Type (CWE)

Deserialization of Untrusted Data

CWE-502

Top Fix

icon

Upgrade Version

Upgrade to version TYPO3_6-2-29,TYPO3_7-6-13,TYPO3_8-4-1

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): HIGH
Privileges Required (PR): LOW
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): LOW
Integrity (I): LOW
Availability (A): LOW

Do you need more information?

Contact Us