Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The be_user_creation task in TYPO3 4.2.x before 4.2.15 and 4.3.x before 4.3.7 allows remote authenticated users to gain privileges via a crafted POST request that creates a user account with arbitrary group memberships.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TYPO3输入验证漏洞
Vulnerability Description
TYPO3 是基于PHP和MySQL数据库的开源内容管理系统(CMS)和内容管理框架(CMF)的领导性品牌之一,是强大的开源解决方案。 TYPO3 4.2.15之前的4.2.x版本,4.3.7之前的4.3.x版本中的be_user_creation任务存在输入验证漏洞。远程认证用户可以借助用于创建具有任意组成员用户账户的特制POST请求获得权限提升。
CVSS Information
N/A
Vulnerability Type
N/A