Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in the pixxio (aka pixx.io integration or DAM) extension before 1.0.6 for TYPO3. The Access Control in the bundled media browser is broken, which allows an unauthenticated attacker to perform requests to the pixx.io API for the configured API user. This allows an attacker to download various media files from the DAM system.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TYPO3 安全漏洞
Vulnerability Description
TYPO3是瑞士TYPO3协会的一套免费开源的内容管理系统(框架)(CMS/CMF)。 TYPO3 扩展pixxio 1.0.6之前版本存在安全漏洞,该漏洞源于扩展绑定的媒体浏览器中的访问控制被破坏,攻击者可利用该漏洞为配置的API用户执行对pixx.io API的请求,从DAM系统下载各种媒体文件。
CVSS Information
N/A
Vulnerability Type
N/A