Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Broken Access Control in Backend Module in sf_event_mgt
Vulnerability Description
sf_event_mgt is an event management and registration extension for the TYPO3 CMS based on ExtBase and Fluid. In affected versions the existing access control check for events in the backend module got broken during the update of the extension to TYPO3 12.4, because the `RedirectResponse` from the `$this->redirect()` function was never handled. This issue has been addressed in version 7.4.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
访问控制不恰当
Vulnerability Title
sf_event_mgt 安全漏洞
Vulnerability Description
sf_event_mgt是基于 ExtBase 和 Fluid 的 TYPO3 CMS 事件管理和注册扩展。 sf_event_mgt 7.0.0版本存在安全漏洞,该漏洞源于在将扩展更新为TYPO3 12.4的过程中存在安全漏洞。
CVSS Information
N/A
Vulnerability Type
N/A