Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Backend History Module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 does not properly restrict access, which allows remote authenticated editors to read the history of arbitrary records via a crafted URL.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TYPO3 Backend History Module 权限许可和访问控制漏洞
Vulnerability Description
TYPO3是瑞士TYPO3协会维护的一套免费开源的内容管理系统(框架)(CMS/CMF)。 TYPO3 Backend History Module中存在安全漏洞,该漏洞源于程序没有正确限制访问。远程攻击者可借助特制的URL利用该漏洞读取任意记录的历史。以下版本受到影响:TYPO3 4.5.21之前的4.5.x版本,4.6.14之前的4.6.x版本,4.7.6之前的4.7.x版本。
CVSS Information
N/A
Vulnerability Type
N/A