logo

Database

Technical information leak In typo3/cms

Description

Information Disclosure in TYPO3 CMS HTTP requests being performed using the TYPO3 API expose the specific TYPO3 version to the called endpoint.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. GCVE-GHSA-c7p6-3c9c-f88q

References

1. https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2017-09-05-3.yaml2. https://typo3.org/security/advisory/typo3-core-sa-2017-006

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.